[Snort-users] not logging??

Henrik Anmarkrud henrik.anmarkrud at ...2065...
Sun May 20 20:33:34 EDT 2001


i have a RH7.1 box with ipchains, snort and the snort rules tarball set
up.

when running nmap on myself, i get no results in neither syslog, alert
nor portscan.log.

when running another win32 scanner from a different place on the
internet, i still get
no alerts.

my $HOME is set to my ethernet interface in snort.conf.
i have also #'ed out the local.rules from the same file.

snort picks up info when running snort -v.

the command i'm using is:
snort -s -d -D -i eth0 -l /var/log/snort/ -c snort.conf

and it shows the daemon running when doing a  ps awx|grep snort.

scanning myself in this way, should produce entries in alert or
portscan.log, right?
if so, why isn't that happening?






More information about the Snort-users mailing list