1 réponse
I had installed snort 2.8.3.1 on suse 10.3 and I think that it runs with succes; cuz when I hit the following comand "etc/init.d/snort -v" it displays the behaviour of my network; like this:
***********************************************************************************************
Not Using PCAP_FRAMES
01/05-08:44:38.811369 ARP who-has 192.168.8.92 tell 192.168.8.54
01/05-08:44:47.823363 ARP who-has 192.168.8.92 tell 192.168.8.54
01/05-08:44:58.070878 192.168.8.157:138 -> 192.168.8.255:138
UDP TTL:64 TOS:0x0 ID:4632 IpLen:20 DgmLen:240
Len: 212
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
01/05-08:44:59.805091 ARP who-has 192.168.8.93 tell 192.168.8.54
01/05-08:45:00.728535 192.168.8.54:138 -> 192.168.8.255:138
UDP TTL:128 TOS:0x0 ID:1239 IpLen:20 DgmLen:229
***********************************************************************************************
But my problem is that I can't log in within snort session and I think that snort doesn't write on data bases like it should do it.
I have used the folowing doc:
http://www.snort.org/docs/setup_guides/Snort_Installation_SUSE-10.0.pdf
to realise my snort instalation until that I feel that is a data bases writing problrem.
I add that in the snort.conf wich is a etc/snort/ dyrectory I have mensioned that my snort will write on dbname=snort
and this base exist cus when I consult it on :
http://localhost/base It mensions its champs.
and iven when I consult it on :
http://localhost/phpMyAdmin
I find this data base wich is snort and its champs.
My mail is: red_simpl@hotmail.fr
or contact my frend: ratfou21@yahoo.fr
***********************************************************************************************
Not Using PCAP_FRAMES
01/05-08:44:38.811369 ARP who-has 192.168.8.92 tell 192.168.8.54
01/05-08:44:47.823363 ARP who-has 192.168.8.92 tell 192.168.8.54
01/05-08:44:58.070878 192.168.8.157:138 -> 192.168.8.255:138
UDP TTL:64 TOS:0x0 ID:4632 IpLen:20 DgmLen:240
Len: 212
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
01/05-08:44:59.805091 ARP who-has 192.168.8.93 tell 192.168.8.54
01/05-08:45:00.728535 192.168.8.54:138 -> 192.168.8.255:138
UDP TTL:128 TOS:0x0 ID:1239 IpLen:20 DgmLen:229
***********************************************************************************************
But my problem is that I can't log in within snort session and I think that snort doesn't write on data bases like it should do it.
I have used the folowing doc:
http://www.snort.org/docs/setup_guides/Snort_Installation_SUSE-10.0.pdf
to realise my snort instalation until that I feel that is a data bases writing problrem.
I add that in the snort.conf wich is a etc/snort/ dyrectory I have mensioned that my snort will write on dbname=snort
and this base exist cus when I consult it on :
http://localhost/base It mensions its champs.
and iven when I consult it on :
http://localhost/phpMyAdmin
I find this data base wich is snort and its champs.
My mail is: red_simpl@hotmail.fr
or contact my frend: ratfou21@yahoo.fr
