[Snort-users] Error running snort

Mr. venkat mvr_it at ...125...
Fri Mar 18 21:07:18 EST 2005


My log directory has all permissions.

If I specify the logdir. path in commandline all the packets are being 
logged
but I dont want to log all the packets otherthan alerts. I used -N in 
command line along with
-l path .Now it is generating only alerts but how can I make sure it is 
working correct.

I used the below settings in snort.conf

# output alert_syslog: LOG_AUTH LOG_ALERT
output alert_fast:alert.ids

Any idea why it is displaying error if I dnot specify the log directory in 
command line.


One more question..
I want to use flexresp.
Any body can tell me what are the settings for it and command line options.
I searched manuals but no information about flexresp settings.

Thanks,
VR.



>From: "Snort" <Snort at ...13151...>
>To: "Mr. venkat" <mvr_it at ...125...>,<Snort-users at lists.sourceforge.net>
>Subject: RE: [Snort-users] Error running snort
>Date: Fri, 18 Mar 2005 15:11:59 -0500
>
>You need to specify a log directory in your command line string
>
>-l /usr/local/snort/log/
>
>Or
>-l /tmp/snort
>
>Doesn't matter, just needs to be a writeable directory
>
>Thanks,
>Michael Brown,
>
>-----Original Message-----
>From: snort-users-admin at lists.sourceforge.net
>[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Mr. venkat
>Posted At: Friday, March 18, 2005 2:45 AM
>Posted To: Snort
>Conversation: [Snort-users] Error running snort
>Subject: [Snort-users] Error running snort
>
>Hi,
>   I am new to snortand  using snort-2.3.0 on windows 2k.
>I tried the command in IDS mode.
>
>C:\Snort\bin>snort -A fast -c ../etc/snort.conf
>
>but it is quitting with the message .
>Just I want to log the alerts in a single file only without packet
>logging.
>
>but why I am getting this error .
>
>ERROR:
>[!] ERROR: Can not get write access to logging directory "log".
>(directory doesn't exist or permissions are set incorrectly
>or it is not a directory at all)
>
>Fatal Error, Quitting..
>
>
>
>Any help please...
>
>Also what are the settings for flexresp in snort .conf and is there any
>command line options for it.
>
>--Venkat.
>
>_________________________________________________________________
>Want to meet David Beckham? http://www.msn.co.in/gillette/ Fly to Madrid
>
>with Gillette!
>
>
>
>-------------------------------------------------------
>SF email is sponsored by - The IT Product Guide
>Read honest & candid reviews on hundreds of IT Products from real users.
>Discover which products truly live up to the hype. Start reading now.
>http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>-------------------------------------------------------
>SF email is sponsored by - The IT Product Guide
>Read honest & candid reviews on hundreds of IT Products from real users.
>Discover which products truly live up to the hype. Start reading now.
>http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users

_________________________________________________________________
Screensavers unlimited! http://www.msn.co.in/Download/screensaver/ Download 
now!





More information about the Snort-users mailing list