[Snort-users] Snort and Proxmox
jbitto at ...16055...
Mon Jan 28 12:12:21 EST 2013
I'm new on using snort and I'm needing to lean on your expertise. We've decided to use snort on our network and in doing so I've setup a small test lab away from the actual network to see how this IDS works. So here's the problem.....I can't get snort to show any logs. I want to be able to see if it's actually working or not.
I set up a stand-alone server with proxmox on it.
Created 2 VM's
One is Pfsense
The other is just a xp machine.
In proxmox interface.conf looks like this.
Config looks like this:
Iface lo inet loopback
Iface vmbr0 inet static
Iface vmbr1 inet manual
I did everything to spec in pfsense....its pretty straight forward.
1. Setup the interface on pfsense to match in proxmox
2. Downloaded the snort package
3. Obtained a oinkmaster code
4. Created the WAN interface in snort.
5. Checked ALL the rules to activate them.
6. Even restarted both pfsense and the snort service.
I just for some reason can't get the darn thing to log events....as a test. I activated teamviewer rules and tried to block an event and couldn't get it to do that. So my thinking is....Its somewhere at the interface. I just don't know what I need to do. Any help would be greatful!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users