[Snort-users] Still trying to build this box

Jim Turner JTurner at ...16132...
Tue Mar 12 10:40:53 EDT 2013


Is there a way to test?  I want to be sure the box is recording alerts?

I watched this video on youtube and he was able to generate logs by pinging Google and Myspace.

From: James Lay [mailto:jlay at ...13475...]
Sent: Tuesday, March 12, 2013 10:31 AM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Still trying to build this box

On 2013-03-12 08:03, Jim Turner wrote:
> I have made progress since last night. Snort is now starting and not
> erroring on the rules. I accomplished this by uninstalling and
> starting all over again. Now I am just unable to log any of the data.
>
> I have attached my snort.conf. I have pasted the results of this
> command line:
>
> snort -A console -i1 -c c:snortetcsnort.conf -l c:snortlog -K ascii
>
> I feel like I am almost there. Please assist.
>

You don't seem to have any alerts, so you won't see anything until you
do:

Alerts: 0 ( 0.000%)
Logged: 0 ( 0.000%)

James

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130312/be91c88e/attachment.html>


More information about the Snort-users mailing list