Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Paul on November 25, 2003, 09:49:17 PM

Title: snort <<logging>>
Post by: Paul on November 25, 2003, 09:49:17 PM

Installed snort 2.0.4.1

Unfortunately I don't see any logging of alerts. I cannot imagine that there is no activity at my ports.

Is there a configuration necessary?


Thanks for any help...


Paul

Title: Re: snort <<logging>>
Post by: Chris on November 25, 2003, 10:26:55 PM

I have yet to see anyone figure this out, Ive searched the forum, anyone out there get it to work, If so, how did you do it?
Thanks
Chris

Title: Re: snort <<logging>>
Post by: Bob King on November 26, 2003, 01:56:38 AM

I use the snort/acid contrib from http://www.marari.net/downloads/snort/ on multiple SME 5.6u6 servers. The Snort logs are located in /var/log/snort/

Title: Re: snort <<logging>>
Post by: Paul on November 26, 2003, 05:26:48 PM

Perhaps a strange question. But how can I replace snort 2.0.4.1 by snort 1.9.0.1.

I am hoping to get it work in this way. Who can help me?

Paul

Title: Re: snort <<logging>>
Post by: Bob King on November 26, 2003, 06:07:39 PM

You could try 'rpm -Uhv --replacepkgs --oldpackage ?????.rpm' to down grade.

Title: Re: snort <<logging>>
Post by: wykyd on November 27, 2003, 10:52:34 AM

tried this a number of times with no luck.

if you get it going let me know how :D