LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-08-2006, 07:52 AM   #1
manya
Member
 
Registered: Apr 2004
Posts: 194

Rep: Reputation: 15
snort problem


I have setup snort IDS on FC3 using mysql as a backend and front end is ACID, i have edited snort.conf to log snort alerts in database.
Even my snort is getting started properly without any errors but nothing is disaplyed on ACID console. when i terminate snort it shows some entries have been logged but nothing is seen on ACID console
My sensor, acid console and mysql are on single box
Can any one help me on this
 
Old 03-08-2006, 12:23 PM   #2
conn-fused
Member
 
Registered: Jun 2004
Posts: 124

Rep: Reputation: 15
I've only done a little work with snort, and I've not used the ACID frontend, but if I were you, I'd start by seeing if you're getting any logging out of snort. IIRC, it normally logs to /var/log/snort. If you're getting logging there, ACID is probably just looking in the wrong place. If not, you may have to look at your configuration again.
 
Old 03-09-2006, 05:08 AM   #3
manya
Member
 
Registered: Apr 2004
Posts: 194

Original Poster
Rep: Reputation: 15
Hi i am able to resolve this problem, i am using snort 2.4.1 which bydefault logs to PCAP mode , ihave changed to ascii mode when starting snort by giving -K ascii mode
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Snort start problem... Palula Linux - Software 2 01-05-2006 11:09 PM
snort runlevel problem Shaper Linux - Security 1 12-23-2004 04:06 AM
snort problem monroetech Linux - Security 3 12-05-2004 02:54 PM
Snort 2.05 and guardian 1.6 problem mikmok Linux - Security 7 12-23-2003 11:45 AM
yet another snort problem PixelCloud Linux - Security 0 08-12-2003 02:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration