[Snort-users] snort not record alert
xserverlinux at ...11827...
Thu Dec 8 13:26:24 EST 2011
Hi list, I am trying to run Snort on my firewall server,
following some guides, especially the Snort with CentOS 5 guide from
the snort.org site. Everything is carried out successfully, but I don't
see Snort recording alerts in the MySQL DB, and I don't see any
events in the Snort log...
Look at my log:
ule application order:
Verifying Preprocessor Configurations!
ICMP tracking disabled, no ICMP sessions allocated
pcap DAQ configured to passive.
Acquiring network traffic from "eth0".
Reload thread starting...
Reload thread started, thread 0x42090940 (9278)
WARNING: normalizations disabled because DAQ can't replace packets.
database: compiled support for (mysql)
database: configured to use mysql
database: schema version = 107
database: host = localhost
database: user = snortmen
database: database name = snort
database: sensor name = 22.214.171.124
database: sensor id = 1
database: data encoding = hex
database: detail level = full
database: ignore_bpf = no
database: using the "log" facility
--== Initialization Complete ==--
,,_ -*> Snort! <*-
o" )~ Version 126.96.36.199 IPv6 GRE (Build 84)
'''' By Martin Roesch & The Snort Team:
Copyright (C) 1998-2011 Sourcefire, Inc., et al.
Using libpcap version 1.1.1
Using PCRE version: 6.6 06-Feb-2006
Using ZLIB version: 1.2.3
Rules Engine: SF_SNORT_DETECTION_ENGINE Version 1.15 <Build 18>
Preprocessor Object: SF_DNS (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_SSLPP (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_IMAP (IPV6) Version 1.0 <Build 1>
Preprocessor Object: SF_SMTP (IPV6) Version 1.1 <Build 9>
Preprocessor Object: SF_FTPTELNET (IPV6) Version 1.2 <Build 13>
Preprocessor Object: SF_SSH (IPV6) Version 1.1 <Build 3>
Preprocessor Object: SF_SIP (IPV6) Version 1.1 <Build 1>