[Snort-users] Where is it?

John Kiehnle john at ...1477...
Fri Mar 23 19:32:16 EST 2001


My post was simply an effort to assist.  ps -ax | grep snort works... period. 
Even if you start snort with full path or not. Thank you Brian for the complete
correct answer.  The idea is to get and report on a running process... and my
initial response shows a snort process running, started with full path or not.

I apologize for directing my response to you Mr Fyodor, it was in no way meant
to be a correction of anything you had posted... just a quick answer for Mr
Barr.

Have a great day ! 

John

 
On Sat, 24 Mar 2001 01:58:20 +0700, Fyodor said:

> On Fri, Mar 23, 2001 at 08:15:25AM -0800, John Kiehnle wrote:
>  > try ps -ax | grep snort
>  > 
>  > the redhat man page indicates the -u switch selects by effective userID.
>  > 
>  > John
>  
>  Duh?! all the time it was showing ps information including user ID. 
>  
>     -u      Display information associated with the following keywords: user,
>               pid, %cpu, %mem, vsz, rss, tt, state, start, time and command.
>               The -u option implies the -r option.
>  
>  >  
>  > 
>  > 
>  > On Fri, 23 Mar 2001 22:00:35 +0700, Fyodor said:
>  > 
>  > > On Fri, Mar 23, 2001 at 08:46:58AM -0600, Joe Barr wrote:
>  > >  > 
>  > >  > I've installed snort 1.7 on a RH 7.0 box.  It's running.
>  > >  > But it doesn't show up anywhere when I do a "ps aux".
>  > >  > 
>  > >  > Where is the darn thing?
>  > >  > 
>  > >  
>  > >  Are you sure you didn't install any rootkit named snort? :)) what do you see if you do 'ps uax | grep snort'? :)
>  > >  
>  > >  _______________________________________________
>  > >  Snort-users mailing list
>  > >  Snort-users at lists.sourceforge.net
>  > >  Go to this URL to change user options or unsubscribe:
>  > >  http://lists.sourceforge.net/lists/listinfo/snort-users
>  > >  Snort-users list archive:
>  > >  http://www.geocrawler.com/redir-sf.php3?list=snort-users
>  > >  
>  > 
>  > -- 
>  > GnuPG id: 0xC0C0D3BB John Kiehnle (Be Tao) <john at ...1477...>
>  > fingerprint: 5C08 B247 2AC9 0175 1DA3 ED0B 3BAF 0AED C0C0 D3BB
>  > 
>  > 
>  

-- 
GnuPG id: 0xC0C0D3BB John Kiehnle (Be Tao) <john at ...1477...>
fingerprint: 5C08 B247 2AC9 0175 1DA3 ED0B 3BAF 0AED C0C0 D3BB






More information about the Snort-users mailing list