[Snort-users] Snort 1.8.4 not logging

Michael L Squires mikes at ...5252...
Fri Mar 15 17:00:26 EST 2002


On Fri, 15 Mar 2002, Martin Roesch wrote:

> Hey, we haven't announced that as being released yet! ;)
> 
> We're unable to recreate the problem here, can you show us your snort.conf
> and command line?  What OS are you on?
> 
>      -Marty
> 
> On 3/15/02 7:11 PM, "Paul.Simons at ...5169..." <Paul.Simons at ...5169...>
> wrote:
> 
> > I have just installed version 1.8.4 and started it up in NIDS mode.
> > I changed to snort.conf to reflect my network and I am not seeing any logs
> > in the /var/log/snort directory.
> > The 'alerts' and 'portscan.log' files have been created but are size=0. I
> > have been running for over 2 hours and I can't believe my network is that
> > clean :-)

I had this problem when I had the HOME_NET incorrectly defined.

In my case I was switched to InsightBB/ATTBI, which uses a 255.255.248.00
subnet mask and I incorrectly calculated the subnet address and CIDR.

MLS






More information about the Snort-users mailing list