[Snort-users] Installing & Configuring snort

Damien Hull dhull at ...15333...
Sun Aug 12 15:56:18 EDT 2012


I've played around with snort off and on for the past couple of years.
Every time I use it I run into the same problem. It doesn't seem to
work after following the instructions. I must be missing something.

OS: Ubuntu 10.04 server
SNORT: 2.9.3.1
Instructions: The Ubuntu-10.04-LTS instructions on the snort.org website.
Barnyard2: Installed and configured
MySQL: Using this and it seems to work
Snort Rules: 2923

Problem #1
The dynamic rules don't work for some reason. I commented out the
"dynamicdetection" line to turn that off.

Problem #2
I'm not getting any alerts. I added sfportscan to snort.conf but I'm
getting no action in the log file.

Can someone point me in the right direction?




More information about the Snort-users mailing list