[Snort-users] Wrong setup?

tmp skrald at ...13521...
Mon Sep 19 09:04:33 EDT 2005


I have just installed snort on my debian (sid) box. During the
installation I entered "any" as HOME_NET.
But when I perform a portscan from another machine, nothing is written
to the logs (/var/log/snort/*). And that's worrying me.

1) How can I test that the setup really do work?

2) Why are there two config files, snort.conf and snort.debian.conf?
Booth seems to define HOME_NET but only snort.debian.conf defines the
mail recipient. In order to change HOME_NET, will I have to modify both
config files then?

Thanks





More information about the Snort-users mailing list