[Snort-users] Network Interface Issue in Ubuntu 16.04

James Lay jlay at ...13475...
Fri Feb 17 07:00:20 EST 2017


Ok cool...looks like you should be ready to test snort as IDS

sudo snort -T -c <wherever your snort.conf file is> -i <your interface>

James


On 2017-02-17 04:18, tantioification . wrote:
> Snort runs very well, James.
> This is the output after I stopped Snort.
> 
> WARNING: No preprocessors configured for policy 0.
> WARNING: No preprocessors configured for policy 0.
> 02/17-17:54:08.840646 180.214.255.80:137 -> 180.214.255.255:137
> UDP TTL:128 TOS:0x0 ID:18306 IpLen:20 DgmLen:78
> Len: 50
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> 
> ^C*** Caught Int-Signal
> WARNING: No preprocessors configured for policy 0.
> 02/17-17:54:08.913368 180.214.255.75:22 -> 120.188.82.45:42983
> TCP TTL:64 TOS:0x10 ID:13061 IpLen:20 DgmLen:584 DF
> ***AP*** Seq: 0xBA6EB345  Ack: 0xEC79DF7E  Win: 0x104  TcpLen: 20
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> 
> ===============================================================================
> Run time for packet processing was 372.11609 seconds
> Snort processed 11617 packets.
> Snort ran for 0 days 0 hours 6 minutes 12 seconds
>    Pkts/min:         1936
>    Pkts/sec:           31
> ===============================================================================
> Memory usage summary:
>   Total non-mmapped bytes (arena):       782336
>   Bytes in mapped regions (hblkhd):      21590016
>   Total allocated space (uordblks):      670336
>   Total free space (fordblks):           112000
>   Topmost releasable block (keepcost):   105952
> ===============================================================================
> Packet I/O Totals:
>    Received:        11635
>    Analyzed:        11618 ( 99.854%)
>     Dropped:            0 (  0.000%)
>    Filtered:            0 (  0.000%)
> Outstanding:           17 (  0.146%)
>    Injected:            0
> ===============================================================================
> Breakdown by protocol (includes rebuilt packets):
>         Eth:        11617 (100.000%)
>        VLAN:            0 (  0.000%)
>         IP4:        10850 ( 93.398%)
>        Frag:            0 (  0.000%)
>        ICMP:            2 (  0.017%)
>         UDP:          260 (  2.238%)
>         TCP:        10564 ( 90.936%)
>         IP6:          306 (  2.634%)
>     IP6 Ext:          525 (  4.519%)
>    IP6 Opts:          219 (  1.885%)
>       Frag6:            0 (  0.000%)
>       ICMP6:          225 (  1.937%)
>        UDP6:           81 (  0.697%)
>        TCP6:            0 (  0.000%)
>      Teredo:            0 (  0.000%)
>     ICMP-IP:            0 (  0.000%)
>     IP4/IP4:            0 (  0.000%)
>     IP4/IP6:            0 (  0.000%)
>     IP6/IP4:            0 (  0.000%)
>     IP6/IP6:            0 (  0.000%)
>         GRE:            0 (  0.000%)
>     GRE Eth:            0 (  0.000%)
>    GRE VLAN:            0 (  0.000%)
>     GRE IP4:            0 (  0.000%)
>     GRE IP6:            0 (  0.000%)
> GRE IP6 Ext:            0 (  0.000%)
>    GRE PPTP:            0 (  0.000%)
>     GRE ARP:            0 (  0.000%)
>     GRE IPX:            0 (  0.000%)
>    GRE Loop:            0 (  0.000%)
>        MPLS:            0 (  0.000%)
>         ARP:          223 (  1.920%)
>         IPX:            0 (  0.000%)
>    Eth Loop:            0 (  0.000%)
>    Eth Disc:            0 (  0.000%)
>    IP4 Disc:            0 (  0.000%)
>    IP6 Disc:            0 (  0.000%)
>    TCP Disc:            0 (  0.000%)
>    UDP Disc:            0 (  0.000%)
>   ICMP Disc:            0 (  0.000%)
> All Discard:            0 (  0.000%)
>       Other:          262 (  2.255%)
> Bad Chk Sum:            0 (  0.000%)
>     Bad TTL:            0 (  0.000%)
>      S5 G 1:            0 (  0.000%)
>      S5 G 2:            0 (  0.000%)
>       Total:        11617
> ===============================================================================
> Snort exiting
> 
> Thank you




