[Snort-users] Am I missing Something? (changes from 1.8.2 to 1.8.3 ?)

Semerjian, Ohanes Semerjian.Ohanes at ...4899...
Mon Feb 11 17:02:23 EST 2002


Just keep it simple to start with something like

/path/snort -c /path/snort.conf and see if u r snort machine will pickup
something, also for test purpose leave the external and home net as (any to
any ). Once working refine it as u like.



Best Regards

Ohanes Semerjian


-----Original Message-----
From: Dany Allard [mailto:dallard at ...1295...]
Sent: Tuesday, 12 February 2002 7:59
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Am I missing Something? (changes from 1.8.2 to
1.8.3 ?)


Hello Everyone.

  Here is my problem.

 Using  a recent snort.conf file (snort.conf,v 1.82 2002/01/20 04:35:40
roesch) I can get snort 1.8.2 to work perfectly.
However if I use the same snort.conf file, same rules, and same command
to start it up
"/usr/local/bin/snort -D -b -c /etc/snort/snort.conf -h xxx.xxx.xxx.0/24
-i eth1" with version 1.8.3 I don't get anything.
I then use a second machine to portscan (nmap) my HOME_NET, nothing
shows up in portscan.log using 1.8.3. but 1.8.2 picks up everything.

To answer the usual questions:
 I have read the FAQ, INSTALL,Changelog, and README files.
I have also searched through the archives.
I am running the  2.2.14-15 linux kernel.
I am also using libnet-1.0-1mdk, libtermcap-devel-2.0.8-16mdk,
libpcap-0.4-3mdk.

Snort was compiled using the standard (configure, make, make install).

Did I miss something in the Documentation? The Archives? Do I need a
newer version (kernel, libraries)?

Any assistance or even guesses would be helpful.

Thanks

Dany Allard

P.S. I also tried snort-current downloaded this morning (Feb 11 2002)
with no success.


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list