|
|
|
|
Snort Forums Archive
Archive Home » Windows » just started working on Snort need Help!
Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.
[ Notice: Full Version of This Topic ]
just started working on Snort need Help!
Posted by akumar on December 02, 2005 03:19:32
Hi everyone,
I just started implementing SNORT 2.4.3, i read the manual and try to run it as.
snort -d -l c:\snort\log -h 10.0.3.0/24 -c c:\snort\etc\snort.conf
but it is not showing any logs or something just showing 0 in every line.
please help me out in configuring this .
|
|
Posted by crs51885 on January 04, 2006 18:18:47
Hi akumar,
Hopefully you've gotten this figured out by now, but just in case:
I was having the same problem you are until I told snort on which interface it should listen. Try running snort -W to get a listing of the adapters on your machine. Take note of the adapter ID you want (mine's 2, for example). Then on your command line, add -i n where n represents the interface number. If your adapter ID is 1, your command would look like this:
snort -d -l c:\snort\log -h 10.0.3.0/24 -c c:\snort\etc\snort.conf -i 1
Another possibility is that your rules aren't generating any alerts based on traffic or you have logging turned off in your snort.conf.
Hope this helps. |
|
|
|
|
|
