Page 29 of 31 FirstFirst ... 192728293031 LastLast
Results 281 to 290 of 309

Thread: Intrusion Detection

  1. #281
    Join Date
    Feb 2010
    Beans
    13

    Re: Intrusion Detection

    Quote Originally Posted by bodhi.zazen View Post
    was following the guide.
    i will check that.

  2. #282
    Join Date
    Aug 2009
    Beans
    33

    Re: Intrusion Detection

    Quote Originally Posted by Zapisto View Post
    was following the guide.
    i will check that.

    You need to download the so rules for your distro or compile them yourself on your box. Here is a quick guide from snort on how to do it.


    http://www.snort.org/snort-rules/about-so_rules

    Your error is telling you there are no rules in the directory listed.

  3. #283
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Quote Originally Posted by abrrymnvette View Post
    You need to download the so rules for your distro or compile them yourself on your box. Here is a quick guide from snort on how to do it.


    http://www.snort.org/snort-rules/about-so_rules

    Your error is telling you there are no rules in the directory listed.
    Nice link, thank you =)
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  4. #284
    Join Date
    Feb 2010
    Beans
    13

    Re: Intrusion Detection

    Hello, I manage to start snort
    but i have nothing in base.
    nada, zero entry.

    where do i start looking ?
    thanks

  5. #285
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Quote Originally Posted by Zapisto View Post
    Hello, I manage to start snort
    but i have nothing in base.
    nada, zero entry.

    where do i start looking ?
    thanks
    It is perfectly normal NOT to have any alerts in base.

    Post a screen shot of base and I can give you perhaps better advice.

    If snort goes too long without an alert , it disconnects from the database, and needs to be restarted.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  6. #286
    Join Date
    Feb 2010
    Beans
    13

    Re: Intrusion Detection

    here is the requested screenshot.
    let me know
    Attached Images Attached Images

  7. #287
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    I see nothing wrong.

    You either have to hit snort with something or wait, but your sensor is registering (the 0/1 line) and I can see no problem with your installation.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  8. #288
    Join Date
    Feb 2010
    Beans
    13

    Re: Intrusion Detection

    tried ssh failure
    and get any alert
    Last edited by Zapisto; March 15th, 2010 at 09:45 PM.

  9. #289
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Generating snort alerts is grey hat at best and as such is beyond what we support on these forums.

    A simple google search will answer your question on how to generate a snort alert as will time.

    The most important thing is that you see your sensor in base, the line reads "0/1"

    The 0 means you have had no alerts, the 1 means base is connected to snort.

    Everything is working as expected, beyond that you will need to read.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  10. #290
    Join Date
    Feb 2010
    Beans
    13

    Re: Intrusion Detection

    thnaks a lot
    i will

Page 29 of 31 FirstFirst ... 192728293031 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •