anyone has experience running Snort on Linux

  • loekanle
    Member
    • Aug 2011
    • 206

    I want to configure Snort but don't have a clue.
    When I go to Applications and try to open it, nothing happens.

    And I want to know the difference between Snort MySQL and regular Snort. Which is better to have?
  • #2
    exklusve
    Member
    • Apr 2010
    • 198

    More info might help.
    What OS are you running?
    What do you want to use Snort for?
    etc etc etc.

    In all honesty, don't take this wrong, if you can't get Snort running, the info you get from Snort probably will not only be useless to you, but more confusing than the problem you have now.

    • #3
      Rhythm of Life
      Veteran Member
      • Apr 2010
      • 2800

      NVM read your other post.

      Best of luck but I have no experience with it as I only have 3 PCs on my network and no public IP.
      Last edited by Rhythm of Life; 10-05-2011, 4:29 PM.

      • #4
        blakdawg
        Senior Member
        • Sep 2008
        • 1503

        Database-backed Snort makes more sense if you're going to collect a lot of data. Probably not worth the effort to configure if you're just goofing around.

        • #5
          shooterfpga
          Veteran Member
          • Feb 2009
          • 2761

          It probably doesn't do anything because you haven't logged files yet. MySQL Snort is exactly that: it logs your Snort files to a MySQL DB. You must have MySQL configured already. What distro are you running? It'll be easier to tell you how to configure Snort for your specific distro.

          • #6
            loekanle
            Member
            • Aug 2011
            • 206

            Ubuntu 11.04. I want it for intrusion detection.

            • #7
              exklusve
              Member
              • Apr 2010
              • 198

              Give us an idea of your network.
              Type of internet service, do you have the router/switch/wifi router from the ISP? Do you have any other APs or switches on your network? How many PCs are connected, and are they connected through wifi or are they wired?

              • #8
                ibanezfoo
                I need a LIFE!!
                • Apr 2007
                • 11688

                Just go load EasyIDS and it will all be done for you... Setting up Snort from scratch is a fun challenge, but a challenge nonetheless.

                You will have to set up a mirrored or monitoring port on your switch though to point at it or it will hardly see anything other than broadcast traffic.

                I prefer using NTOP to display WTF is going on with the network.



                Skynet... yeah
                Last edited by ibanezfoo; 10-06-2011, 9:54 PM.

                • #9
                  Akers
                  Banned
                  • Aug 2011
                  • 1332

                  Are you using it for IDS? or ? We run it as an IDS in our 2500 user 2PB environment and it works well. What were you looking to learn?