Snort mailing list archives
Re: A size of log file is zero although there is an attack
From: waldo kitty <wkitty42 () windstream net>
Date: Sat, 27 Sep 2014 14:40:14 -0400
On 9/27/2014 4:22 AM, Jutichai Thongkrachai wrote:
> To Waldo and Sharif
>
> I still get empty log after I try to reinstall by following Sharif's steps although I try to :
> - check a user/group permission which is set to be snort:snort on /etc/snort, /usr/local/lib, /var/log/snort and /usr/local/bin
> - start a service of snort at /etc/init.d/snort
> - run "snort -de -h 10.4.0.0/24 -c /etc/snort/snort.conf -i enp2s0 -l /var/log/snort -u snort -g snort" command and then try to run Zenmap (GUI nmap) to run a port scan and run Wireshark too which capture a packet that Zenmap send to a target computer
> - run "snort -u snort -g snort -c /etc/snort/snort.conf -i enp2s0" command and run zenmap again
>
> the log just change date and time that it's created only. Do I configure a hardware of my Snort IDS Server wrong?
1. have you tried adding "-k none" to your command line?
2. try disabling all offloading features that your NICs may have.

--
NOTE: No off-list assistance is given without prior approval.
Please *keep mailing list traffic on the list* unless private contact is specifically requested and granted.
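
The two suggestions above, as an added example that is not part of the original message: a helper that reads `ethtool -k` output and builds the matching `ethtool -K` command for every offload that is on and can be changed. The function names and the sample output are constructed for illustration; the interface name is the one from the quoted command line.

```shell
#!/bin/sh
# Constructed sample of `ethtool -k enp2s0` output (not captured from the poster's host).
SAMPLE_ETHTOOL_K='Features for enp2s0:
rx-checksumming: on
tx-checksumming: on
scatter-gather: on
tcp-segmentation-offload: on
generic-segmentation-offload: on
generic-receive-offload: on
large-receive-offload: off [fixed]
rx-vlan-offload: on'

# Read `ethtool -k` output on stdin and print the short `ethtool -K` flag for
# each offload that is currently "on" and not marked [fixed] by the driver.
offloads_to_disable() {
    while IFS= read -r line; do
        case "$line" in *"[fixed]"*) continue ;; esac
        name=${line%%:*}
        state=${line#*: }
        [ "$state" = "on" ] || continue
        case "$name" in
            rx-checksumming)              printf 'rx ' ;;
            tx-checksumming)              printf 'tx ' ;;
            scatter-gather)               printf 'sg ' ;;
            tcp-segmentation-offload)     printf 'tso ' ;;
            generic-segmentation-offload) printf 'gso ' ;;
            generic-receive-offload)      printf 'gro ' ;;
            large-receive-offload)        printf 'lro ' ;;
        esac
    done
}

# $1 = interface, stdin = `ethtool -k` output. Prints the command to run as
# root, or nothing when no changeable offload is enabled.
disable_offload_cmd() {
    iface=$1
    flags=$(offloads_to_disable)
    [ -n "$flags" ] || return 0
    cmd="ethtool -K $iface"
    for f in $flags; do cmd="$cmd $f off"; done
    printf '%s\n' "$cmd"
}

# On the sensor:  ethtool -k enp2s0 | disable_offload_cmd enp2s0
# Then rerun Snort with checksum verification disabled, e.g.:
#   snort -k none -u snort -g snort -c /etc/snort/snort.conf -i enp2s0 -l /var/log/snort
```

With checksum or segmentation offload enabled, the capture layer can hand Snort packets with unfilled checksums or merged segments, which is why both suggestions target packets being discarded before any rule is evaluated.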