[Snort-users] Some Events are not logging to the snort logs.

Josh Lutz jlutz at ...4503...
Tue Jan 8 12:33:16 EST 2002


I check /var/log/authlog and I see attempts by the Code Red II worm
testing my perimeter (coming in, not going out.) However, when I look at
the snort logs, I do not see any record of the attempt. As I understand
it, my snort log should capture these attempts and send an alert. As a
new user to Snort, I am uncertain at best, but to aid any one assisting
me, I am starting snort via the following cmd line:
 
[path to snort]/snort -i xl1 -d -c [path to snort.conf] -l
/home/snort/ext_log -s -b -D
 
Any help would be greatly appreciated.
Thanks,
Josh
 
---------------------------------------------
Joshua Lutz
Network Engineer, ESI Enterprises, Inc.
1188 Centre Street
Newton Centre MA 02459
p. 617.527.4343 x107
f. 617.527.3303
e. jlutz at ...4501...
 




More information about the Snort-users mailing list