[Snort-users] No Alerts Being Generated

Matthew K. Lee mattl at ...12405...
Wed Sep 29 12:48:01 EDT 2004


Andrew,

1. What are the owner/group permissions of /etc/snort?
2. Have you tried to send it traffic that would trigger a rule?
3. What happens when you do a 'mysql -u snort -p' with snort's password?

Matthew Lee
http://www.rycan.com

-----Original Message-----
From: Kaplan, Andrew H. [mailto:AHKAPLAN at ...10063...] 
Sent: Wednesday, September 29, 2004 2:35 PM
To: Snort User Group (E-mail)
Subject: [Snort-users] No Alerts Being Generated

I completed installing snort 2.2.0 (build 30) and have begun running it.
The
ACID GUI and /var/log/snort/alert files have not shown any alerts
even though the program has been running for over an hour. To verify
there were
no syntax errors in the snort.conf file, I ran the following:

snort -c /etc/snort/snort.conf

There were no errors and warnings, and the program appears to be running
properly. Where in snort.conf and elsewhere, should I check for 
configuration mistakes? I have included the snort.conf file here.
Thanks.

 <<snort.conf.29sept04.txt>> 




More information about the Snort-users mailing list