Snort mailing list archives
RE: Help! Just upgraded to Snort1.9-1
From: "Sheahan, Paul (PCLN-NW)" <Paul.Sheahan () priceline com>
Date: Thu, 21 Nov 2002 16:29:33 -0500
I don't get it. How does this effect the -L option? Thanks Paul Sheahan Manager of Information Security Priceline.com paul.sheahan () priceline com -----Original Message----- From: Slighter, Tim [mailto:tslighter () itc nrcs usda gov] Sent: Thursday, November 21, 2002 4:06 PM To: 'Sheahan, Paul (PCLN-NW)'; Snort List (E-mail) Subject: RE: [Snort-users] Help! Just upgraded to Snort1.9-1 easy enough, add /etc onto "-c /etc/snort/snort.conf " so that it looks like this instead "-c /etc/snort/etc/snort.conf " -----Original Message----- From: Sheahan, Paul (PCLN-NW) [mailto:Paul.Sheahan () priceline com] Sent: Thursday, November 21, 2002 1:44 PM To: Snort List (E-mail) Subject: [Snort-users] Help! Just upgraded to Snort1.9-1 Importance: High I'm very pressed for time and hoping there is someone that can help me. I just upgraded to Snort 1.9, running on RH Linux 7.0. I was running v 1.8.7 prior to this and had many scripts setup to automate the environment, but a few things have changed: * When I start Snort, I use this command line: /usr/sbin/snort -A fast -c /etc/snort/snort.conf -i eth0 -l /var/log/snort -o -D -N -b -L traces In 1.8.7, the "-L Traces" option would create a file called "Traces" which contained packet traces. Now it creates a traces.(10digitnumber) file. In other words it's now the word traces with a dot, followed by a 10 digit number. Anyway I can shut this feature off so it's back to the old "traces"? All of my routines relied on the file being "traces". Also just noticed when I run Snort -? the -L option is not listed....why? Thanks, Paul Sheahan Manager of Information Security Priceline.com paul.sheahan () priceline com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Help! Just upgraded to Snort1.9-1 Sheahan, Paul (PCLN-NW) (Nov 21)
- <Possible follow-ups>
- RE: Help! Just upgraded to Snort1.9-1 Slighter, Tim (Nov 21)
- RE: Help! Just upgraded to Snort1.9-1 Sheahan, Paul (PCLN-NW) (Nov 21)
- RE: Help! Just upgraded to Snort1.9-1 Slighter, Tim (Nov 21)