Ok, I downloaded and was able to install Snort, but when I try starting it up, it says I need to specify an interface with -i switch. What do I need to put in here? How to I go about starting the logging process? Thanks guys! :)
Printable View
Ok, I downloaded and was able to install Snort, but when I try starting it up, it says I need to specify an interface with -i switch. What do I need to put in here? How to I go about starting the logging process? Thanks guys! :)
ok here is a link to a Snort help forum. You can search there untill somebody who know more about snort then me replies here.
http://www.whitehats.com/cgi/forum/m...?bbs=forum&f=4
Ok, Ill definetly check that out, thanks for the link!
Ok, found out what I gotta put for -i, but when I start it up, it basically says permission denied, but when I try to su and then do it, it cant find it at all. Any help with that? Do I need to install snort on my root account as well to get it to work?
I think you do, maybe the account u are on is limited and can't run every program. Try with the r00t one.
Alright, Ill do that, but doesnt su give you root privileges, so that you can run all programs? Or does it just switch you over to root account inside the shell?
Hi Talith,Quote:
Originally posted here by Talith
Ok, I downloaded and was able to install Snort, but when I try starting it up, it says I need to specify an interface with -i switch. What do I need to put in here? How to I go about starting the logging process? Thanks guys! :)
Snort can listen on multiple interfaces, as such it gives you the ability to specify which interface you
want snort to sit on at startup (e.g. hme0, qfe1, fxp1, eth0, etc.); this is what the -i argument provides to snort.
Like MemorY said, check out the snort forums and mailing lists, it is an awesome tool and awesome tools
usually require education to use properly.
Best of luck.
-- spurious
Yeah, I got the -i thing workin, found out it was eth0, but then Im just stuck on it not being able to run in my normal account, and then when I try to su and use it, it says it cant find it at all. Ill try installing it on my root account and then see if I can run it from my normal account with SU privileges. Thanks for the advice though inode, helps a lot! :)
when you are doing an su do an su - instead.
Hey, that worked! Awesome, thank you so much for that command help qod.
So the - actually logged me in as root, while just regular su changes my permissions to root, or what goes on when I enter - as opposed to regular su? And then why did it say snort not found when I did a regular snort? Too many questions! AHHH... :D
su by itself just logs you into the su account, adding the - (su -) does a full login to the specified user (root
if no username is provided).
-- spurious