Community discussions

 
ciscosystem
newbie
Topic Author
Posts: 26
Joined: Mon Feb 04, 2013 3:25 pm

snort-base-problem

Wed Feb 26, 2014 10:34 am

hello everyone
i have installed snort in ubuntu server and used Base and gui interface . i used ip firewall calea and packet sniff tool to send the traffic to my snort server
when i run command ./trafr -s | snort -r - and cp trafr /usr/local/bin/ everything seems ok but in Base interface i only see udp and icmp traffic despite %50 of my traffic is tcp and all the udp and icmp coming from 1 single source and another dest ip simply i saw 2 ip for all the traffic but in console i see all the real ip address.
what could cause this
thanks for reading
 
ciscosystem
newbie
Topic Author
Posts: 26
Joined: Mon Feb 04, 2013 3:25 pm

Re: snort-base-problem

Sat Mar 01, 2014 7:04 am

i really need this anybody can help ?
 
ciscosystem
newbie
Topic Author
Posts: 26
Joined: Mon Feb 04, 2013 3:25 pm

Re: snort-base-problem

Sat Mar 01, 2014 10:50 am

the the photo of console traffic and web traffic on my server
You do not have the required permissions to view the files attached to this post.
 
kraker
Frequent Visitor
Frequent Visitor
Posts: 88
Joined: Thu Aug 02, 2012 9:34 am

Re: snort-base-problem

Sun Mar 23, 2014 6:29 pm

what you want to see at snort or sniff packets?..

I'm using tcpdump with syslog feature..It's shows all dumped packet at syslog...
 
ciscosystem
newbie
Topic Author
Posts: 26
Joined: Mon Feb 04, 2013 3:25 pm

Re: snort-base-problem

Sat Apr 05, 2014 8:57 am

thanks kraker for reply
i fix my snort it was bc of the rules

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 77 guests