[Snort-users] running snort
balla.bmf at ...11827...
Tue Apr 30 15:43:35 EDT 2013
I set snort to rc.local and I see it s running as daemon. (first screenshot)
however I have to issue the command in terminal to start the service:
./snort -Q -i eth2:eth1 -c /usr/local/snort/etc/snort.conf -s
after that it works. (second screenshot)
can I dump alert or any event taken place to this terminal window or it s
impossible while snort running?
please point to the appropriate chapter in snort manual (long one) where
Decoding Ethernet is explained (and how to modify)
**one more thing: is "-h anyiphere" necessary in the line command once I
set ipvar HOME_NET variable in snort.conf?
Thanks in advance
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users