[Snort-users] snort running as daemon while sysloging

sekure sekure at ...11827...
Sat Jul 24 15:13:04 EDT 2004


Is your HOME_NET defined correctly?  Are you listening on the correct
interface?  Are you spanning the ports to see all the traffic?  Is
there any traffic out there that would actually trigger the rules?

As you can see there are a lot of variables....

On Fri, 23 Jul 2004 17:43:26 -0400, nanocurie <nanocurie at ...5068...> wrote:
> Hello all,
>         I want snort to start at boot as a daemon on Fedora Core 2 (redhat). I
> want it to log its alerts in /var/log/snort/ (which already exists) in
> syslog format. I've pieced this together from what I've found on the
> net...
> 
> /usr/local/bin/snort -l /var/log/snort -D -h xxx.xxx.xxx.xxx/xxx -c
> /usr/local/snort/etc/snort.conf
> 
> I look in /var/log/snort/ and nothings happening.
> Although, I've found somethings in /var/log/messages, regarding snort's
> initialization but not much else.
> 
> This snort.conf file is stock, and for the most part, unchanged from the
> initial install.
> I've google'd and I've read through the man's.
> 
> Am I going in the right direction? Any suggestions?
> 
> thanks
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>




More information about the Snort-users mailing list