Snort mailing list archives
RE: not running but not logging any event HELP1 HELP!
From: "Harper, Patrick" <Patrick.Harper () phns com>
Date: Tue, 7 Dec 2004 20:40:05 -0600
Try setting up an any any rule. Or set up a rule looking for something specific and trigger it. -----Original Message----- From: nitin agarwal [mailto:nitinarchi () lycos com] Sent: Tuesday, December 07, 2004 8:25 PM To: snort-users () lists sourceforge net Subject: [Snort-users] not running but not logging any event HELP1 HELP! hello i have fedora core 2 with snort 2.3 rc1 running with ACID console in IDS mode.when i run nessus against the box it picks the alerts but when we put the box in a SPAN port in DMZ it by itself is not picking any alerts. is it that there is no malicious traffic thats why there are no event generated. any pointers. thank you nitin agarwal -- _______________________________________________ Find what you are looking for with the Lycos Yellow Pages http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.com/default.asp?SRC=lycos10 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?listžort-users Disclaimer: This electronic message, including any attachments, is confidential and intended solely for use of the intended recipient(s). This message may contain information that is privileged or otherwise protected from disclosure by applicable law. Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. If you have received this message in error, please delete it and notify the sender immediately. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- not running but not logging any event HELP1 HELP! nitin agarwal (Dec 07)
- <Possible follow-ups>
- RE: not running but not logging any event HELP1 HELP! Harper, Patrick (Dec 07)