[Snort-users] Help! Newbie Needs Help

wkitty42 at ...14940... wkitty42 at ...14940...
Thu May 18 02:34:35 EDT 2017

On 05/17/2017 11:09 PM, Dionne Queen wrote:
> I installed Snort and used the following to create alert:
> c:\Snort\bin> snort -i 2 -c c:\Snort\etc\snort.conf - A console
>  However, I keep getting the above Error message displaying no such file or directory - log/snort.log.1495074784
> This is what is on my C: Drive -

hunh?? above error??? there's not even one below...

> I am using the following alert:
> alert icmp any any -> any any (msg: "icmp testing rule"; sid: 1000001;)
> Snort won't allow any alerts due to the Error Message. Please Help.
> I am a "newbie".

but i believe you might be better served by using a more rounded testing suit of 
rules instead of shoving everything into the ICMP protocol...

  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

More information about the Snort-users mailing list