[Snort-users] New Installation - Problem with No Alerts with Snort, MySQL, SnortCenter and ACID on Redhat 9.0

Allyn Baskerville allynb at ...9465...
Fri Jun 13 22:14:09 EDT 2003


I finally got the Snort Enterprise Implementation (by Steven Scott)
completed. I have some slightly different files than the manual as only
newer ones were available for downloading. Additionally, all components of
the IDS are installed on a single machine with 3 NICs. Two do not have an IP
address bound to the adapters, and the 3rd is the one with the private IP. I
can't find a single error in any of the logs, all web pages open and
function as expected, and the sensors, SnortCenter, ACID, and MySQL are
running. I verified that I had port mirroring set up on the switches, but
just in case I put the external sensor on a hub. I've selected all
parameters possible on the sensors, and I've also performed scans. I simply
cannot get an alert to show up on ACID, and when I look at the database the
count equals 0. For grins, I also enabled Snort on the NIC with an IP
address and scanned it. It also didn't turn up any alerts.

Thanks for any assistance. Allyn





More information about the Snort-users mailing list