[Snort-users] packet logging
cc at ...9707...
Wed Jul 23 00:09:04 EDT 2003
I'm new to snort and am finding it to be quite a
difficult app to understand.
I do have a basic setup done and just upgraded
to 2.0.1. I have it logging to a log directory.
I'm just testing snort right now and was wondering if someone
could tell me if the following rule is wrong:
alert tcp any any -> $LAN any ( content: "GET /banner/"; \
msg: "banner test";)
It's in the myrules.rules file and is included in the
If a user from a workstation goes to a website and the
website sends a banner, shouldn't there be a log?
email: cc at ...9707... | "A man who knows not where he goes,
| knows not when he arrives."
| - Anon
** All information contained in this email is strictly **
** confidential and may be used by the intended receipient **
** only. **
More information about the Snort-users