NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Snort IDS> 2004-07

[Snort-users] Snort and acid prob!!! Acid not running :(

From: Aparna Mangla (aparna.manglagmail.com)
Date: Wed Jul 14 2004 - 05:12:06 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi
plz help me urgently.

I have installed snort-2.0.2 with acid 0.9.6b23 on redhat 9. I think i
followed all the steps correctly. and when i run :
snort -c /etc/snort/snort.conf
i get the following output at the end:

===============================================================================
Snort analyzed 471 out of 471 packets, dropping 0(0.000%) packets

Breakdown by protocol: Action Stats:
    TCP: 29 (6.157%) ALERTS: 0
    UDP: 208 (44.161%) LOGGED: 0
   ICMP: 89 (18.896%) PASSED: 0
    ARP: 90 (19.108%)
  EAPOL: 0 (0.000%)
   IPv6: 0 (0.000%)
    IPX: 0 (0.000%)
  OTHER: 55 (11.677%)
DISCARD: 0 (0.000%)
===============================================================================
Wireless Stats:
Breakdown by type:
    Management Packets: 0 (0.000%)
    Control Packets: 0 (0.000%)
    Data Packets: 0 (0.000%)
===============================================================================
Fragmentation Stats:
Fragmented IP Packets: 0 (0.000%)
    Fragment Trackers: 0
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
  Frag2 memory faults: 0
===============================================================================
TCP Stream Reassembly Stats:
        TCP Packets Used: 29 (6.157%)
         Stream Trackers: 9
          Stream flushes: 0
           Segments used: 0
   Stream4 Memory Faults: 0
===============================================================================
database: Closing connection to database "snort"
Snort exiting

Now...when i start the httpd interface, i get 0 alerts, 0 sensors, 0 %
UDP, 0% TCP.....as though it is inactive.
I am connected on LAN of 50 PCs.
Please tell me how to correct it.
Hoping for an urgent reply.
Thanking you
Aparna Mangla

-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]