[Snort-users] snort local.rules help

Brent misterb at ...2851...
Tue Oct 2 11:24:03 EDT 2001


OK i got it running by editing the local.rules file to reflect my
network....anywho ...is ACID the GUI for snort ??
or does snort just report to syslog ???  or logcheck ?? or what ??

Brent
----- Original Message -----
From: "Brent" <misterb at ...2851...>
To: "John Sage" <jsage at ...2022...>
Cc: "'snort-users'" <snort-users at lists.sourceforge.net>
Sent: Tuesday, October 02, 2001 12:27 PM
Subject: Re: [Snort-users] snort local.rules help


> ok ...but doesnt this defeat the purpose of haveing a local.rules
file....i
> know that its a set of rules for the local network...but how should
> configure it ??  is there a referrence to go by ??  besides the
> local.rules.sample that comes with the port
> thank you for your replies
> Brent
> ----- Original Message -----
> From: "John Sage" <jsage at ...2022...>
> To: "Brent" <misterb at ...2851...>
> Cc: "'snort-users'" <snort-users at lists.sourceforge.net>
> Sent: Monday, October 01, 2001 11:16 AM
> Subject: Re: [Snort-users] snort local.rules help
>
>
> > Brent:
> >
> > Try commenting the offending line in snort.conf out, thusly:
> >
> > # include local.rules
> >
> >
> > - John
> >
> > --
> > John Sage
> > FinchHaven, Vashon Island, WA, USA
> > http://www.finchhaven.com/
> > mailto:jsage at ...2022...
> > "The web is so, like, five minutes ago..."
> >
> >
> > Brent wrote:
> >
> > > Im trying to run snort on my FBSD 4.3 box ...when i start it doing:
> > >
> > > /usr/local/bin/snort -d -h 192.168.0.0/24 -l /var/log/snort.log -c
> > > /usr/local/etc/snort.conf &
> > >
> > >   from /etc/rc.conf
> > >
> > > i get it cant initialize because it cant find local.rules.... however
> > > the local.rules is in the the default directory for snort
> > >
> > > but its empty
> > >
> > > there is A  local.rules.sample    but im not sure how to apply it to
my
> > > situation..
> > >
> > > any help is greatly appreciated
> > >
> > > Brent
> > >
> >
> >
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list