[Snort-users] No Alerts Being Generated

Matthew K. Lee mattl at ...12405...
Wed Sep 29 12:48:01 EDT 2004


1. What are the owner/group permissions of /etc/snort?
2. Have you tried to send it traffic that would trigger a rule?
3. What happens when you do a 'mysql -u snort -p' with snort's password?

Matthew Lee

-----Original Message-----
From: Kaplan, Andrew H. [mailto:AHKAPLAN at ...10063...] 
Sent: Wednesday, September 29, 2004 2:35 PM
To: Snort User Group (E-mail)
Subject: [Snort-users] No Alerts Being Generated

I completed installing snort 2.2.0 (build 30) and have begun running it.
ACID GUI and /var/log/snort/alert files have not shown any alerts
even though the program has been running for over an hour. To verify
there were
no syntax errors in the snort.conf file, I ran the following:

snort -c /etc/snort/snort.conf

There were no errors and warnings, and the program appears to be running
properly. Where in snort.conf and elsewhere, should I check for 
configuration mistakes? I have included the snort.conf file here.


More information about the Snort-users mailing list