[Snort-users] Alert file

waldo kitty wkitty42 at ...14940...
Wed Mar 20 13:39:29 EDT 2013


On 3/20/2013 03:13, Mohammad MontazerI wrote:
> i don't know what is that!
> i just downloaded rules from here: http://www.snort.org/snort-rules
> and installed it on my opensuse.
> is that enough?

so then you currently do not use a rules manager... it isn't needed at this 
point anyway... all you want to do is cause an alert, right?


>
> --------------------------------------------------------------------------------
> *From:* Ricky Huang <rhuang.work at ...11827...>
> *To:* "snort-users at lists.sourceforge.net" <snort-users at lists.sourceforge.net>
> *Sent:* Wednesday, March 20, 2013 12:19 PM
> *Subject:* Re: [Snort-users] Alert file
>
> Which rules manager do you use? PulledPork, OinkMaster, or…?
>
> On Mar 19, 2013, at 11:57 PM, Mohammad MontazerI <mohamad_montazery at ...131...
> <mailto:mohamad_montazery at ...131...>> wrote:
>
>> Hello dear all.
>> i enabled Network Intrusion Detection System (NIDS) mode and i recorded my
>> network packets.
>> this command: ./snort -d -l ./log -c snort.conf
>> now in log directory there are two files:
>> one of them logs all packets and another one's name is alert.
>> i think this file should contain warning, attacks and ... against my network.
>> but after about 7 hours the file still empty!!!
>> this is good. but i want test snort. so how can write data in alert file?
>> what i can do?





