[Snort-users] running snort as packet logger and nids simultaneously

Joel Esler eslerj at ...11827...
Tue Jun 7 04:13:34 EDT 2005


You'd have to run two different instances of snort, or make the nids
in Snort log every packet.  I'd go with option one.  Option two has
the possibility of dropping > packets...

J

On 6/7/05, Metal Gear <finattack at ...11827...> wrote:
> hi all,
>  is this possbile to run snort as both packer logger and nids simultaneously
> as i m trying to run snort with the following command but i m not getting
> the packet logs in 'snortlogs' folder
>  
>  /usr/local/bin/snort -u snort -g snort -l /var/log/snortlogs -b -c
> /usr/local/etc/snort.conf -D
>  
>  but when i run as 
>  /usr/local/bin/snort -u snort -g snort -l /var/log/snortlogs -b -D
>  it can now log packets in the respected folder,
>  
>  Thanks
>  
>  


-- 
Joel Esler
BASE Project Lead
http://sourceforge.net/projects/secureideas




More information about the Snort-users mailing list