[SPAM] - [Snort-users] Snort in IDS mode - Email found in subject
mhering at ...13116...
Tue Mar 15 08:27:09 EST 2005
Logging to a file is just a setting in snort.conf, When you edit that
file, you will see a section for logging and where the log files are.
Just set the conf file for log location, and rules files locatoin and
start Snort and then it should bein IDS mode.
But why no Database? I run snort on my Winblows laptop with MysQl and
Acid so I can see what's goin on without having to sift through the logs
manually..You'd be surprised how many times you get hit at a Starbucks
(Oops, I mean "Fourbucks" :) )
AS far as I know you can't have it block traffic....
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Mr. venkat
Sent: Tuesday, March 15, 2005 11:10 AM
To: snort-users at lists.sourceforge.net
Subject: [SPAM] - [Snort-users] Snort in IDS mode - Email found in
I am using snort 2.3.1 on windows. I don't want to use any database
but I want to log all alerts to log files only(I am planning for other
way).I could run snort in logging mode but I am unable to run in IDS
mode. Can anybody tell me what is the best way to run snort in IDS mode
also please tell me the required settings in snort.conf.
Can snort block any traffic that match the rules or just it detects?
Thanks in advance,
Screensavers unlimited! http://www.msn.co.in/Download/screensaver/
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users