[Snort-users] Snort configuration

Al Lewis (allewi) allewi at ...589...
Sat Jun 11 07:53:01 EDT 2016


That is because you are running snort in sniffer mode and not IDS mode.

Checkout the overview section of the manual.

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node6.html


http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node2.html




Albert Lewis
QA SNORT/Sourcefire
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi at ...589...

From: Velusami, Selvi [mailto:selvi.velusami at ...17554...]
Sent: Friday, June 10, 2016 5:00 PM
To: snort-users at lists.sourceforge.net
Cc: Selvi Velusami
Subject: [Snort-users] Snort configuration

Hi,

I am very new to snort and I need to configure the same to our VM environment.

Please find below my environment details


1.       Snort is installed on a centos OS with two networks in VM environment

2.       Downloaded the snort.rules from snort.org

3.       I have modified the below parameters in the snort.conf file and set the path to /etc/snort/rules

a.       RULE_PATH

b.      SO_RULE_PATH

c.       PREPROC_RULE_PATH

d.      WHITE_LIST_PATH

e.      BLACK_LIST_PATH

4.       After these things when I issue the command snort -v , I am getting the below messages.
"No Preprocessors configured for policy 0"

I am sure that I am missing a big stuff here. Any pointers or configuration help to configure the same will be much appreciated.


Thanks,
Selvi.V




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20160611/cf8b551f/attachment.html>


More information about the Snort-users mailing list