Thread: Snort Help

  1. #1
    Join Date
    Oct 2001

    Snort Help

    I am trying to set up Snort on my WinXP Pro box and I am just lost. I don't know how to configure it. I turned it on and played with the ruleset file but I don't understand it. I simply want it to log everything that happens on my home LAN and my internet link. I have a Motorola SB4100 cable modem plugged into a Linksys router to share the connection. How do I get it to monitor everything but no alerts? I already have Norton Personal Firewall set to alert me.
    What do you mean you don't have a backup disk?

  2. #2
    Join Date
    Apr 2002
    Oh man, you asked a mouthful. Look here, this should do it better than anyone else.

  3. #3
    Junior Member
    Join Date
    May 2002
    Put it on Linux... it works better.

  4. #4
    Junior Member
    Join Date
    Feb 2002
    Do you want to log every packet or simply alert on signature matches? Capturing every packet on your local network could generate a rather large file.

    A command you can use to get started would be: 'snort -dvi eth0' (Substitute eth0 for your NIC information). This is from the Snort FAQ which is located at http://www.snort.org/docs/faq.html

    Once you work through the rule logic, Snort becomes very easy to work with. Let me know if I can be of any further assistance.
