Snort mailing list archives
Re: snmp traps going to 161, snmp plugin syntax?
From: Erick Mechler <emechler () techometer net>
Date: Tue, 14 Jan 2003 16:45:28 -0800
:: I have thus tried to force snort to specify the port :: with the following lines in snort.conf, which got me :: the corresponding results: :: :: output trap_snmp: alert, 7, trap -v 2c -c myCommunity :: nms -p 162 :: Snort starts, no effect. :: :: output trap_snmp: alert, 7, trap -v 2c -p 162 -c :: myCommunity nms :: "Warning: -p option is no longer used - specify the :: remote host as HOST:PORT :: SnmpTrapPlugin: Insufficient SnmpTrap parameters" :: :: output trap_snmp: alert, 7, trap -v 2c -c myCommunity :: nms:162 :: "SnmpTrapPlugin: Unresolvable Trap destination : :: nms:162" See http://www.cysol.co.jp/contrib/snortsnmp/snortSnmpGuide.html. They say you should use this format (which, BTW, works for me, as do the v3 examples they give): output trap_snmp: alert, 7, trap -v 2c -p 162 myTrapListener myCommunity Cheers - Erick ------------------------------------------------------- This SF.NET email is sponsored by: Take your first step towards giving your online business a competitive advantage. Test-drive a Thawte SSL certificate - our easy online guide will show you how. Click here to get started: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snmp traps going to 161, snmp plugin syntax? twig les (Jan 14)
- Re: snmp traps going to 161, snmp plugin syntax? Erick Mechler (Jan 14)
- Re: snmp traps going to 161, snmp plugin syntax? twig les (Jan 14)
- Re: snmp traps going to 161, snmp plugin syntax? Erick Mechler (Jan 14)