Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Problem with Snort IDS

From: Marcio Demetrio Bacci <marciobacci () gmail com>
Date: Fri, 11 Nov 2016 21:59:53 -0200
Hi,

I have installed a Snort server (virtual machine) as IDS on Ubuntu 14-04
LTS.

I noticed that it only monitors the traffic directed to snort itself. When
I execute ping or portscan command from a host to another server on the
network, it is not registered by snort.

It looks like the interface is not listening in promiscuous mode.

I am starting snort as follows:

/usr/sbin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 -D


Anyone have any idea what is the problem?

Regards,

Márcio

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: