These forums have been switched to read-only mode as of March 1, 2011. The content that already existed here will be retained for posterity. No new posts will be accepted here. For more information and for the address of the new forums, see this page: http://snort.org/community/groups
Forums Rules

Snort not using rules

Subscribe to Snort not using rules 1 post(s), 1 voice(s)

 
17 Mar, 2010 06:21 PM
Avatar aaron006 1 post(s)

Empty_starEmpty_starEmpty_starEmpty_starEmpty_star

I am new to snort, and had set up snort to run in IDS mode according to the user manual. However, after someone shut down my machine, BASE no longer reads and connects my captured packets. I set up snort again, and after updating the rules to the 2.8 snapshot, when running a packet capture, I get:

++++++++++++++++++++++++
Initializing rule chains…
27 Snort rules read
27 detection rules
0 decoder rules
0 preprocessor rules
27 option chains linked into 19 chain headers
0 dymanic rules
++++++++++++++++++++++++

I believe on my old install I was seeing upwards of 300 rules being read… What am I doing wrong?

Thanks for any help, it is greatly appreciated

Extra info: running snort on BackTrack 4 running snort 2.8.0.2
Forums Rules

©2009 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved. Terms of Use | Privacy Policy