[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mandrake-expert
Subject:    [expert] testing and email reporting in snort
From:       Juan Luis Baptiste <juancho () phreaker ! net>
Date:       2004-05-11 23:04:49
Message-ID: 200405112304.49690.juancho () phreaker ! net
[Download RAW message or body]

Hi,

I just installed snort and everything seems ok, but I haven't been able to 
test it, I do a simple scan with nmap (nmap -O 192.168.7.72) and in 
/var/log/messages I can't see any messages from snort. I have uncommented the 
line:

output alert_syslog: LOG_AUTH LOG_ALERT

But it seems I need to do something else, or I'm testing it the wrong way. 
Also, how can I configure snort so these messsages are emailed to someone?


Cheers,
--
Juan Luis Baptiste
http://www.merlinux.org
http://knetworkconf.sf.net




[prev in list] [next in list] [prev in thread] [next in thread]