FW: [Snort-users] Sending Alert Via E-mail

Erek Adams erek at ...577...
Sun Nov 25 13:25:02 EST 2001

On Sat, 24 Nov 2001, Fadzly Zainuddin wrote:

> I'm connecting my Snort IDS machine together my mail server in the same hub.

Caution:  Not all hubs are hubs.  See FAQ 6.2.1


> I just wonder why my IDS could not detect anything when I scan my mail
> server port. When I scan IDS machine port , my IDS able to detect. I send a
> port scanning request from external PC. Theoretically when I scan my mail
> server, my IDS machine should receive a same thing because hub will
> broadcast right? Am I correct or I need the specified a special command.
> Current my command is
> ./snort -dev -l ./log -h xxx.xxx.xxx.0/24 -c snort.conf

Now, If that's not your problem, then I would think it's in your snort.conf

As for emailing alerts:  5.7


Hope that helps!

Erek Adams

More information about the Snort-users mailing list