Snort mailing list archives

Re: First time snorting ... ERROR: The dynamic detection library ...


From: Alan McKay <alan.mckay () gmail com>
Date: Fri, 15 Nov 2013 10:39:33 -0500

> If you run Snort in console mode (-A console) for testing purposes, do you
> see any alerts?

Nope. I ran it without the redirect this time, of course, and with -A
console, and it gets to this point:

           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_POP  Version 1.0  <Build 1>
Commencing packet processing (pid=20459)

And after that I hit it again with nmap -O as well as continual ssh
attempts. It just stays like the above with no more output.

> Another thing, how does your unified2 output plugin look
> like in your snort.conf file? Also, what rules you have enabled?

I'm using the default snort.conf from the document that I posted in my
first thread. It seems to be the default from the distro. The only
changes I made are these near the top of the file, and I only made
those after my initial attempts with all defaults failed. Here are
my changes:

# Setup the network addresses you are protecting
ipvar HOME_NET MY_REAL_IP_REMOVED
# Set up the external network addresses. Leave as "any" in most situations
ipvar EXTERNAL_NET !$HOME_NET

I dumped the full contents of the snort.conf at the top of my Google
doc for perusal.

https://docs.google.com/document/d/1bd3atMiqTBvbwF8BIpZDSVEr1vYniyM0GSIHZGvVWO8/edit?usp=sharing
