From owner-freebsd-security  Thu Jul 11 22:37:21 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 91C6037B400
	for <freebsd-security@freebsd.org>; Thu, 11 Jul 2002 22:37:18 -0700 (PDT)
Received: from I-Sphere.COM (shell.i-sphere.com [209.249.146.70])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 29EC143E3B
	for <freebsd-security@freebsd.org>; Thu, 11 Jul 2002 22:37:18 -0700 (PDT)
	(envelope-from fasty@shell.i-sphere.com)
Received: from shell.i-sphere.com (fasty@localhost [127.0.0.1])
	by I-Sphere.COM (8.12.3/8.12.3) with ESMTP id g6C5ckHd089234
	for <freebsd-security@freebsd.org>; Thu, 11 Jul 2002 22:38:46 -0700 (PDT)
	(envelope-from fasty@shell.i-sphere.com)
Received: (from fasty@localhost)
	by shell.i-sphere.com (8.12.3/8.12.3/Submit) id g6C5cjut089233;
	Thu, 11 Jul 2002 22:38:45 -0700 (PDT)
Date: Thu, 11 Jul 2002 22:38:45 -0700
From: faSty <fasty@i-sphere.com>
To: dawnshade <h-k@mail.ru>
Cc: freebsd-security@freebsd.org
Subject: Re: Snort problem.
Message-ID: <20020712053845.GA89208@i-sphere.com>
Mail-Followup-To: faSty <fasty@i-sphere.com>,
	dawnshade <h-k@mail.ru>, freebsd-security@freebsd.org
References: <60550254524.20020712090257@mail.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <60550254524.20020712090257@mail.ru>
User-Agent: Mutt/1.4i
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Did you check /var/log/messages because -s mean it goes directly syslogd send
to /var/log/messages. Depend on what your syslogd.conf unless it is default
syslogd.conf then check /var/log/messages.

My snort on bridge look like:
/usr/local/bin/snort -A full -D -e -d -s -i fxp1 -c /usr/local/etc/snort.conf

-fasty

On Fri, Jul 12, 2002 at 09:02:57AM +0400, dawnshade wrote:
>  I have a little problem:
>  install, configure snort (1.8.6 (Build 105)).
>  Run: /usr/local/bin/snort -c /usr/local/etc/snort/snort.conf -s -A full -d -D -l /usr/log/snort
> 
>  But the snort does nothing: not log or alert scans, portscans,
>  etc....
>  
>  thank all for advance.
>   
> 
> -- 
> 
>  dawnshade                          mailto:h-k@mail.ru
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message