Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I'm new to Snort and I think that I have it set up right; I just have a few questions about the log files. Snort is logging to the /var/log/snort directory, and I have the IP addresses of my network machines showing up as folders. Is this supposed to happen? Plus there are 2 other IPs I don't know, 239.255.255.250 and 255.255.255.255. Are they network broadcast? Also, my log files are being logged like snort.log.1072483058, snort.log.1072496953; this is the same for suspicious.log and tcpdump.log. Can I have these logged as 1 file each for that day with the date in the file name?
the IP addresses of my network machines showing up as folders. Is this supposed to happen?
Depends on how you configure Snort.
Plus there are 2 other IPs I don't know, 239.255.255.250 and 255.255.255.255. Are they network broadcast?
Could be and yes.
Also, my log files are being logged like snort.log.1072483058, snort.log.1072496953; this is the same for suspicious.log and tcpdump.log. Can I have these logged as 1 file each for that day with the date in the file name?
No, not that I know of.
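The files can still be grouped per day after Snort has written them. The sketch below is an added example, not part of the thread or of Snort: it assumes the numeric suffix is the Unix time at which the file was opened and that snort.log.* and tcpdump.log.* are libpcap-format captures; the function names and the `<base>.<date>.pcap` output name are made up for the illustration.

```python
import os
import re
import shutil
import time
from collections import defaultdict

# <base>.<epoch>, e.g. snort.log.1072483058; per-host directories do not match.
NAME = re.compile(r"^(?P<base>.+)\.(?P<epoch>\d{9,10})$")
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1", b"\xa1\xb2\xc3\xd4"}  # little/big-endian pcap

def group_by_day(names):
    """Return {(base, 'YYYY-MM-DD'): [names oldest first]}, days taken in UTC."""
    groups = defaultdict(list)
    for name in names:
        m = NAME.match(name)
        if m:
            epoch = int(m["epoch"])
            day = time.strftime("%Y-%m-%d", time.gmtime(epoch))
            groups[(m["base"], day)].append((epoch, name))
    return {key: [n for _, n in sorted(v)] for key, v in groups.items()}

def merge_pcaps(paths, out_path):
    """Write one pcap: the first file's 24-byte global header, then every record."""
    headers = []
    for path in paths:
        with open(path, "rb") as f:
            headers.append(f.read(24))
    for path, hdr in zip(paths, headers):
        if len(hdr) < 24 or hdr[:4] not in PCAP_MAGICS:
            raise ValueError(f"{path}: not a pcap file")
        # Records can only be appended as-is if byte order and link type match.
        if (hdr[:4], hdr[20:24]) != (headers[0][:4], headers[0][20:24]):
            raise ValueError(f"{path}: byte order or link type differs")
    with open(out_path, "wb") as out:
        out.write(headers[0])
        for path in paths:
            with open(path, "rb") as f:
                f.seek(24)  # skip this file's own global header
                shutil.copyfileobj(f, out)

def consolidate(log_dir, bases=("snort.log", "tcpdump.log")):
    """Merge each day's files per base name; originals are left in place."""
    files = [n for n in os.listdir(log_dir) if os.path.isfile(os.path.join(log_dir, n))]
    made = []
    for (base, day), names in sorted(group_by_day(files).items()):
        if base in bases:
            out = os.path.join(log_dir, f"{base}.{day}.pcap")
            merge_pcaps([os.path.join(log_dir, n) for n in names], out)
            made.append(os.path.basename(out))
    return made
```

Run it only on files Snort has finished writing, since a capture that is still open may end in a partial record. Days are computed in UTC; swap `time.gmtime` for `time.localtime` to group by local date.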