Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: int21h on October 24, 2002, 11:12:05 AM

Title: Snort + Acid - Intrution Detection
Post by: int21h on October 24, 2002, 11:12:05 AM

I've installed the latest version of Snort and Acid, following the Contrib how-to http://www.marari.net/downloads/snort/acid-howto.htm

However, i'm using a Dialup account, as far as I can see, snort will only log eth0 and eth1.

Does anyone know how to change the config, so it will log/scan ppp0 ?

Title: Re: Snort + Acid - Intrution Detection
Post by: Tom Veitch on October 25, 2002, 12:08:37 AM

edit the snortd in the rd.d/init and change the eth0 to ppp0 and it will work

Title: Re: Snort + Acid - Intrution Detection
Post by: paul on October 25, 2002, 04:36:58 AM

Will the latest version of Snort run on esmith 5.1.2 and 5.5?

It states that I would need Red Hat 7.3, and from what i've read Esmith runs on 7.2?  

Any assistance would be greatly appreciated.

Thank you.

Title: Re: Snort + Acid - Intrution Detection
Post by: Andy MacDonald on October 25, 2002, 01:00:20 PM

HI Tom.
Is that rd.d / init a typo?