jasdect.com

• Next message: Martin Roesch: "Re: [snort] Closing -b log file"
• Previous message: Andrew R. Baker: "[snort] html output for snort_stat.pl"
• Next in thread: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Sten Kalenda: "FW: [snort] need Token Ring help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I just installed 1.5.2 on a linux box on a Token ring network and I seem to
only be able to get traffic that is going toward the host - I don't get any
responses. Is it possible that this is because of the order of the ring and
that my Linux box's MAC address is between the MAC addresses of the router
and the host?

My command-line is 'snort -i tr0 -dv -l ./mainframe net 10.26'. We are
trying to figure out why connections on the 10.26 network drop when nobody
else's has that problem. I would think command-line would log and display
all traffic to and from any host on the 10.26 network but it's not working
that way. I've run the same type of command-line on an ethernet segment and
it works as expected.

Jerry A. Shenk, MCNE
Sr. Systems Engineer - Computer Networking Services
D&E Communications, Inc.
jshenkdecommunications.com
1-877-433-8632 Fax via efax: (603) 250-1453
my website: www.dect.com/jas

• Next message: Martin Roesch: "Re: [snort] Closing -b log file"
• Previous message: Andrew R. Baker: "[snort] html output for snort_stat.pl"
• Next in thread: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Jerry Shenk: "RE: [snort] need Token Ring help"
• Reply: Sten Kalenda: "FW: [snort] need Token Ring help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]