Snort Help

  1. #1
    Join Date
    Oct 2001

    Snort Help

    I am trying to set up Snort on my WinXP Pro box and I am just lost. I don't know how to configure it. I turned it on and played with the ruleset file but I don't understand it. I simply want it to log everything that happens on my home LAN and my Internet link. I have a Motorola SB4100 cable modem plugged into a Linksys router to share the connection. How do I get it to monitor everything but no alerts? I already have Norton Personal Firewall set to alert me.
    What do you mean you don't have a backup disk?

  2. #2
    Join Date
    Apr 2002
    Oh man, you asked a mouthful. Look here, this should do it better than anyone else.

  3. #3
    Junior Member
    Join Date
    May 2002
    Put it on Linux... it works better.

  4. #4
    Junior Member
    Join Date
    Feb 2002
    Do you want to log every packet or simply alert on signature matches? Capturing every packet on your local network could generate a rather large file.

    A command you can use to get started would be: 'snort -dvi eth0' (Substitute eth0 for your NIC information). This is from the Snort FAQ which is located at

    Once you work through the rule logic, Snort becomes very easy to work with. Let me know if I can be of any further assistance.
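
Added example, not part of the original thread: the "log everything, no alerts" setup asked about in post #1, done with Snort's packet logger mode and a binary log to keep the file size manageable, as post #4 cautions. The commands are meant to be typed one at a time at a Windows command prompt; the log directory, interface index and capture file name are placeholder assumptions.

```bat
rem Added example: Snort packet logger mode on Windows (no rules, no alerts).
rem Assumptions: snort.exe is on PATH; LOGDIR, IFACE and CAPTURE below are
rem placeholder values to replace with your own.
set LOGDIR=C:\snort\log
set IFACE=1

rem 1. List the capture interfaces and their index numbers (Win32 builds).
rem    Set IFACE to the index of the NIC that faces the LAN.
snort -W

rem 2. Make sure the log directory exists.
if not exist "%LOGDIR%" mkdir "%LOGDIR%"

rem 3. Packet logger mode: -l picks the log directory and -b writes the
rem    packets to a single binary tcpdump-format file. No -c <config> is
rem    given, so no ruleset is loaded and nothing is alerted on; every
rem    packet the NIC sees is simply recorded. Stop with Ctrl+C.
snort -i %IFACE% -b -l "%LOGDIR%"

rem 4. Read a capture back later with full decoding: -d shows payload,
rem    -e shows link-layer headers, -v prints to the console. A BPF filter
rem    at the end narrows the output. CAPTURE is a placeholder for the
rem    file Snort created in LOGDIR during step 3.
set CAPTURE=%LOGDIR%\REPLACE_WITH_CAPTURE_FILE
snort -dev -r "%CAPTURE%" tcp port 80
```

If the router's LAN ports are switched, the Snort host will only see its own traffic plus broadcast and multicast, not the other machines' conversations.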
