Re: Snort running inline but not functioning as IPS

[Robin Kipp <mlists () robin-kipp net>]

Hi,

> Am 24.01.2016 um 14:46 schrieb Y M <snort () outlook com>:
>
> If you are using snort.rules generated by PulledPork, then make sure the rule (gid:136, sid:1) exists in the file and 
> that snort.rules is included in snort.conf.

Yeah, all this is in place and used to work fine… However, I feel that somehow I must have managed to screw up my Snort 
setup, as I’m not getting any console alerts whatsoever (not even from a locally defined ping alert rule which I used 
to test Snort right after the first installation).
So, what I’ll probably end up doing is to completely wipe Snort, Barnyard2 and Pulledpork from my machine and then 
reinstall them one by one. I’m really not sure how else I could track down this problem, especially since I’m still a 
Snort newbie and have barely scratched the surface.
However, thanks to the advice gathered in this conversation I at least have some important considerations in mind now, 
hopefully things will work out the second time around! :-)
Robin

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!