[SPAM] - [Snort-users] Snort in IDS mode - Email found in subject

Marc Hering mhering at ...13116...
Tue Mar 15 08:27:09 EST 2005


Logging to a file is just a setting in snort.conf, When you edit that
file, you will see a section for logging and where the log files are.
Just set the conf file for log location, and rules files locatoin and
start Snort and then it should bein IDS mode.

But why no Database?  I run snort on my Winblows laptop with MysQl and
Acid so I can see what's goin on without having to sift through the logs
manually..You'd be surprised how many times you get hit at a Starbucks
(Oops, I mean "Fourbucks" :) )

AS far as I know you can't have it block traffic.... 

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Mr. venkat
Sent: Tuesday, March 15, 2005 11:10 AM
To: snort-users at lists.sourceforge.net
Subject: [SPAM] - [Snort-users] Snort in IDS mode - Email found in
subject

Hi all,
    I am using snort 2.3.1 on windows. I don't want to  use any database
but I want to log all alerts to log files only(I am planning for other
way).I could run snort in logging mode but I am unable to run in IDS
mode. Can anybody tell me what is the best way to run snort in IDS mode
also please tell me the required settings in snort.conf.

    Can snort block any traffic that match the rules or just it detects?
  Thanks in advance,
--Venkat

_________________________________________________________________
Screensavers unlimited! http://www.msn.co.in/Download/screensaver/
Download now!



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list