[Snort-users] snort not logging
luckysnutt at ...5190...
Sat Jun 8 21:00:01 EDT 2002
I have just setup a dedicated snort box with two network cards sitting
behind a cable modem. The snort box has a 0.0.0.0 address and is not logging
anything in /var/log/alert, and I am running snort with /usr/local/
aris-sensor/snort -A fast -b -q -l /var/log/snort -d -D -c
/usr/local/aris-sensor/snort.conf . I have a hub behind the cable modem and
two boxes plugged into this hub. One a firewall box and the other the snort
box. The second network card of the snort box is connect to the firewall dmz
card. Both boxes have snort running.
I am tailing alert and messages files on both boxes. When I port scan from
the internet side I get alerts on the firewall box but no alerts on the
snort box. Any ideas for no alerts being logged to the snort box????
More information about the Snort-users