[Snort-users] Snort question
summer_beha at ...131...
Fri Sep 13 11:54:02 EDT 2002
I tried to run snort in IDS mode, with the following
command, but got a "command not found" error.
./snort -dev -l .log -h ip address -c snort.conf
any ideas what's happening?
--- Ed Kasky <ed at ...3483...> wrote:
> I have Snort ver 1.8.7 running on a RH 7.2 machine
> using Mysql and running
> as "snort"
> From the init script:
> daemon /usr/local/bin/snort -u snort -D -c
> From snort.conf:
> output database: alert, mysql, user=snort
> password=XXXXX dbname=snort
> It's been running fine until the last day or so when
> I started getting:
> snort: FATAL ERROR: ERROR: OpenLogFile() =>
> mkdir(/var/log/snort/188.8.131.52) log directory:
> Permission denied
> I changed /var/log/snort to snort.snort and 700 but
> it continues.
> My first question is if I am using Mysql, why does
> it still write the ip logs?
> Secondly, if I start it as snort, why does it write
> the ip logs as rppt.bin?
> drwx------ 2 root bin 4096 Sep 10 13:37
> Thanks in advance for any advice...
> Ed Kasky
> Los Angeles, CA
> . . . . . . . .
> Conscience is the inner voice warning us that
> someone may be looking.
> -H.L. Mencken
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> Snort-users list archive:
Do you Yahoo!?
Yahoo! News - Today's headlines
More information about the Snort-users