[Snort-users] problems getting logs :(
sentissi at ...1999...
Wed May 9 11:30:10 EDT 2001
I installed snort couple of days ago and when I run it and ran nmap on
myself (on my private address ) it gave just one log entry ! and this
morning and yesterday night I don't get any more logs :( even if I run
nmap on myself!
var HOME_NET $eth0_ADDRESS
var EXTERNAL_NET any
var DNS_SERVERS [18.104.22.168,22.214.171.124]
preprocessor http_decode: 80 8080
preprocessor portscan: $HOME_NET 4 3 /var/log/snort/portscan.log
preprocessor portscan-ignorehosts: $DNS_SERVERS
output alert_syslog: LOG_AUTHPRIV LOG_ALERT
the command I run is :
/usr/sbin/snort -u snort -g snort -D -i eth0 -d -c
I don't know if it's a permission problem on some log files but .....
anybody faced this provlem before ?
nmap : nmap -sX -P0 -D 126.96.36.199,188.8.131.52 192.168.1.1
More information about the Snort-users