Snort
Atlast I got my snort running in inline mode......
But now a new kinda problem is there I am running linux on VMplayer and I have configured eth0 as 192.168.1.9 and eth1 as 10.10.135.22 I use windows browser to check anything developed in linux For example, By implementing IPTable srules I try to put 192.168.1.9 or 10.10.135.22 in browser in windows... and so.... Now I have configured IPTables for snort_inline as below- Chain INPUT target prot opt in out source destination QUEUE all - eth0 * 0.0.0.0/0 0.0.0.0/0 QUEUE all - eth1 * 0.0.0.0/0 0.0.0.0/0 Chain Forward Nothing here Chain OUTPUT target prot opt in out source destination QUEUE tcp - * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 and there is nothing in local.rules file........... But when I get snort run or not There nothing comes in responce.... |
I got the things working..... at last
I needed to write QUEUE tcp - * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80 instead of QUEUE tcp - * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 in my case................................ |
priyadarshan, you continue posting all your Snort questions here in Security even though you see they keep being moved to Software. Please stop doing that. Look, if your issue is that you can't get Snort to work properly, that's a software question - not a security one. It doesn't matter whether Snort is a security tool or not.
Moved to Software. |
OKOKOK sorry.....
|
All times are GMT -5. The time now is 05:12 PM. |