[Snort-users] snort daemon to listen to eth2 and eth3 in promiscuous mode

Kaushal Shriyan kaushalshriyan at ...11827...
Tue Feb 19 07:29:31 EST 2013


On Tue, Feb 19, 2013 at 5:54 PM, Ayodele Okeowo <aymacro at ...11827...> wrote:

> What command do you type when running snort in inline? You will have to
> pair both interfaces in order to use both for sniffing.
>
> Paste your command on here and let's see. :)
>
> Ayo
>
>
Thanks Ayo for the quick reply and i start snort using init script on
CentOS 5.8 with the below mentioned details

[root at ...2306... ~]# /etc/init.d/snortd status
snort (pid 17573) is running...
[root at ...2306... ~]# ps aux | grep snort
snort    17573  0.0  0.2 417000 71064 ?        Ssl  17:21   0:00
/usr/sbin/snort -A fast -b -d -D -i eth2 -u snort -g snort -c
/etc/snort/snort.conf -l /var/log/snort
root     17647  0.0  0.0  61172   752 pts/0    S+   17:58   0:00 grep snort
[root at ...2306... ~]#

Regards

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130219/15ac5790/attachment.html>


More information about the Snort-users mailing list