[Snort-users] Snort not alerting although tcpdump shows packet
gaurav.srivastava7 at ...11827...
Fri Apr 17 07:45:55 EDT 2015
I have a strange issue. I am running snort to observe traffic mirrored from
But Snort is not alerting. To verify whether the packets are received or
not I did a tcpdump using following command
sudo tcpdump -w icmp.pcap -i eth0 icmp
And when I read the file using snort using below command:
snort -r icmp.pcap
It displays the ICMP packet logs. But the alert was not generated when
snort was running.
Please suggest. I am stuck here.
Thanks and Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users