No subject


Thu Nov 23 16:36:19 EST 2017


Summary     : An open source Network Intrusion Detection System (NIDS)
URL         : http://www.snort.org/
License     : GPL
Description : Snort is an open source network intrusion detection system, capable of
            : performing real-time traffic analysis and packet logging on IP networks.
            : It can perform protocol analysis, content searching/matching and can be
            : used to detect a variety of attacks and probes, such as buffer overflows,
            : stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts,
            : and much more.
            :
            : Snort has three primary uses. It can be used as a straight packet sniffer
            : like tcpdump(1), a packet logger (useful for network traffic debugging,
            : etc), or as a full blown network intrusion detection system.
            :
            : You MUST edit /etc/snort/snort.conf to configure snort before it will work!
            :
            : Please see the documentation in /usr/share/doc/snort-2.9.9.0 for more
            : information on snort features and configuration.



> On Mar 22, 2017, at 10:04 AM, Stanford Prescott <stan.prescott at ...14542....> wrote:
>
> Did you tell snort where the path to the control socket is in snort.conf?
>
> config cs_dir: <path/to/snort control socket>
>
> On Tue, Mar 21, 2017 at 3:20 PM, Robert Kudyba <rkudyba at ...17816...> wrote:
> We're using the Fedora RPM via dnf, PulledPork v0.7.3, and when running:
>
> pulledpork.pl -c /etc/snort/pulledpork.conf
>
> This appears:
>
> Issuing reputation socket reload command
> Unable to connect to UNIX socket at /etc/snort/rules/iplists/SNORT.sock: Connection refused
> I just posted this on GitHub <https://github.com/shirkdog/pulledpork/issues/255> but wanted to see if this is a known issue and/or a work-around available.
>
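
Added example, not part of the original thread and not Snort or PulledPork code: a check that compares the socket path from the error above with the cs_dir set in snort.conf, and separates a missing socket file from one that exists with no listener (the "Connection refused" case). It assumes the socket is named SNORT.sock inside cs_dir, as the error path suggests; the function names and the sample config are constructed.

```python
import errno, os, re, socket, stat

SOCK_NAME = "SNORT.sock"  # file name as it appears in the error quoted in the thread

def parse_cs_dir(conf_text):
    """Return the last uncommented 'config cs_dir:' value in snort.conf text, or None."""
    found = None
    for line in conf_text.splitlines():
        m = re.match(r"\s*config\s+cs_dir\s*:\s*(\S+)", line)
        if m:
            found = m.group(1)
    return found

def probe(sock_path):
    """Classify a path as 'missing', 'not-a-socket', 'stale' or 'listening'."""
    try:
        mode = os.stat(sock_path).st_mode
    except FileNotFoundError:
        return "missing"
    if not stat.S_ISSOCK(mode):
        return "not-a-socket"
    # Assumption: the listener's socket type is not known here, so try both.
    for kind in (socket.SOCK_SEQPACKET, socket.SOCK_STREAM):
        with socket.socket(socket.AF_UNIX, kind) as s:
            try:
                s.connect(sock_path)
                return "listening"
            except OSError as e:
                if e.errno == errno.ECONNREFUSED:
                    return "stale"  # file exists, no process is accepting on it
                if e.errno != errno.EPROTOTYPE:
                    return "error:" + errno.errorcode.get(e.errno, str(e.errno))
    return "error:EPROTOTYPE"

def diagnose(conf_text, client_sock_path):
    """Compare the socket path a client tries with what snort.conf implies."""
    cs_dir = parse_cs_dir(conf_text)
    if cs_dir is None:
        return "cs_dir-not-set"
    expected = os.path.join(cs_dir, SOCK_NAME)
    if os.path.normpath(expected) != os.path.normpath(client_sock_path):
        return "mismatch:" + expected
    return probe(client_sock_path)

if __name__ == "__main__":
    # Constructed sample config; the client path is the one from the error message.
    sample = "# config cs_dir: /old\nconfig cs_dir: /var/run/snort\n"
    print(diagnose(sample, "/etc/snort/rules/iplists/SNORT.sock"))
```

A result of "stale" or "missing" with matching paths points at the Snort process itself (not running, or not creating the socket) rather than at the path configuration.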



