[Snort-users] help with snort and acid
hernani
coelho.hernani at ...16858...
Mon Jun 2 13:53:55 EDT 2014
Hello,
When I run this command ---> sudo /usr/local/snort/bin/snort -u snort -g snort -c /usr/local/snort/etc/snort.conf -i wlan0
it gives me this ----> Commencing packet processing
and then this --->
Run time for packet processing was 44.6192 seconds
Snort processed 11 packets.
Snort ran for 0 days 0 hours 0 minutes 44 seconds
Pkts/sec: 0
===============================================================================
Memory usage summary:
Total non-mmapped bytes (arena): 107700224
Bytes in mapped regions (hblkhd): 6868992
Total allocated space (uordblks): 57714256
Total free space (fordblks): 49985968
Topmost releasable block (keepcost): 41200
===============================================================================
Packet I/O Totals:
Received: 11
Analyzed: 11 (100.000%)
Dropped: 0 ( 0.000%)
Filtered: 0 ( 0.000%)
Outstanding: 0 ( 0.000%)
Injected: 0
===============================================================================
Breakdown by protocol (includes rebuilt packets):
Eth: 13 (100.000%)
VLAN: 0 ( 0.000%)
IP4: 13 (100.000%)
Frag: 0 ( 0.000%)
ICMP: 0 ( 0.000%)
UDP: 0 ( 0.000%)
TCP: 13 (100.000%)
IP6: 0 ( 0.000%)
IP6 Ext: 0 ( 0.000%)
IP6 Opts: 0 ( 0.000%)
Frag6: 0 ( 0.000%)
ICMP6: 0 ( 0.000%)
UDP6: 0 ( 0.000%)
TCP6: 0 ( 0.000%)
Teredo: 0 ( 0.000%)
ICMP-IP: 0 ( 0.000%)
IP4/IP4: 0 ( 0.000%)
IP4/IP6: 0 ( 0.000%)
IP6/IP4: 0 ( 0.000%)
IP6/IP6: 0 ( 0.000%)
GRE: 0 ( 0.000%)
GRE Eth: 0 ( 0.000%)
GRE VLAN: 0 ( 0.000%)
GRE IP4: 0 ( 0.000%)
GRE IP6: 0 ( 0.000%)
GRE IP6 Ext: 0 ( 0.000%)
GRE PPTP: 0 ( 0.000%)
GRE ARP: 0 ( 0.000%)
GRE IPX: 0 ( 0.000%)
GRE Loop: 0 ( 0.000%)
MPLS: 0 ( 0.000%)
ARP: 0 ( 0.000%)
IPX: 0 ( 0.000%)
Eth Loop: 0 ( 0.000%)
Eth Disc: 0 ( 0.000%)
IP4 Disc: 0 ( 0.000%)
IP6 Disc: 0 ( 0.000%)
TCP Disc: 0 ( 0.000%)
UDP Disc: 0 ( 0.000%)
ICMP Disc: 0 ( 0.000%)
All Discard: 0 ( 0.000%)
Other: 0 ( 0.000%)
Bad Chk Sum: 0 ( 0.000%)
Bad TTL: 0 ( 0.000%)
S5 G 1: 1 ( 7.692%)
S5 G 2: 1 ( 7.692%)
Total: 13
===============================================================================
Action Stats:
Alerts: 0 ( 0.000%)
Logged: 0 ( 0.000%)
Passed: 0 ( 0.000%)
Limits:
Match: 0
Queue: 0
Log: 0
Event: 0
Alert: 0
Verdicts:
Allow: 11 (100.000%)
Block: 0 ( 0.000%)
Replace: 0 ( 0.000%)
Whitelist: 0 ( 0.000%)
Blacklist: 0 ( 0.000%)
Ignore: 0 ( 0.000%)
===============================================================================
Frag3 statistics:
Total Fragments: 0
Frags Reassembled: 0
Discards: 0
Memory Faults: 0
Timeouts: 0
Overlaps: 0
Anomalies: 0
Alerts: 0
Drops: 0
FragTrackers Added: 0
FragTrackers Dumped: 0
FragTrackers Auto Freed: 0
Frag Nodes Inserted: 0
Frag Nodes Deleted: 0
===============================================================================
Stream5 statistics:
Total sessions: 1
TCP sessions: 1
UDP sessions: 0
ICMP sessions: 0
IP sessions: 0
TCP Prunes: 0
UDP Prunes: 0
ICMP Prunes: 0
IP Prunes: 0
TCP StreamTrackers Created: 1
TCP StreamTrackers Deleted: 1
TCP Timeouts: 0
TCP Overlaps: 0
TCP Segments Queued: 9
TCP Segments Released: 9
TCP Rebuilt Packets: 2
TCP Segments Used: 9
TCP Discards: 0
TCP Gaps: 0
UDP Sessions Created: 0
UDP Sessions Deleted: 0
UDP Timeouts: 0
UDP Discards: 0
Events: 0
Internal Events: 0
TCP Port Filter
Filtered: 0
Inspected: 0
Tracked: 11
UDP Port Filter
Filtered: 0
Inspected: 0
Tracked: 0
===============================================================================
HTTP Inspect - encodings (Note: stream-reassembled packets included):
POST methods: 0
GET methods: 0
HTTP Request Headers extracted: 0
HTTP Request Cookies extracted: 0
Post parameters extracted: 0
HTTP response Headers extracted: 0
HTTP Response Cookies extracted: 0
Unicode: 0
Double unicode: 0
Non-ASCII representable: 0
Directory traversals: 0
Extra slashes ("//"): 0
Self-referencing paths ("./"): 0
HTTP Response Gzip packets extracted: 0
Gzip Compressed Data Processed: n/a
Gzip Decompressed Data Processed: n/a
Total packets processed: 11
===============================================================================
SMTP Preprocessor Statistics
Total sessions : 0
Max concurrent sessions : 0
===============================================================================
dcerpc2 Preprocessor Statistics
Total sessions: 0
===============================================================================
===============================================================================
SIP Preprocessor Statistics
Total sessions: 0
===============================================================================
Reputation Preprocessor Statistics
Total Memory Allocated: 0
===============================================================================
Snort exiting
Snort is working but doesn't log to ACID.
Can someone help me?
hernani coelho
On 02-06-2014 17:16, hernani wrote:
> Hello,
>
> Snort now works,
> Starting Network Intrusion Detection System snort [ok]
>
> but it doesn't detect an nmap scan. Can someone help me??
>
> Thanks
>
> hernani coelho
> On 01-06-2014 13:28, hernani wrote:
>> Hello,
>>
>> Snort gives me this error when I run this command --->
>> /etc/init.d/snort start
>>
>> error ---> Starting Network Intrusion Detection System
>> snort [fail]
>>
>>
>> On 01-06-2014 12:37, hernani wrote:
>>> Hello,
>>>
>>> I installed Snort and ACID on Ubuntu 14.04.
>>>
>>> Snort does not show any alerts and ACID gives me this error ---> *Fatal
>>> error*: Call to a member function acidGetDBVersion() on a non-object
>>> in */var/www/html/acid/acid_state_citems.inc* on line *476*
>>>
>>> Can someone help me?
>>>
>>> Thank you
>>> hernani
>>> _______________________________________________
>>> Snort-users mailing list
>>> Snort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:
>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:
>>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>>
>>> Please visit http://blog.snort.org to stay current on all the latest Snort news!