Issues with Snort generating log entries

Discussion in 'Server Security' started by Rameez Qureshi, Apr 7, 2014.

  1. Rameez Qureshi

    Rameez Qureshi New Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    hello


    I am having some problems with Snort, I have installed all of its dependencies and changed the snort.conf file to suit my setup and added filepaths etc but to no avail.



    When running snort in packet dump mode and saving it to a log it opens with wireshark and displays all the packets, however when running it in IDS mode it also picks up all the packets but does not generate any logs. The tests I am doing to test snort are basic ping scans, nmap scans and failed MSF exploits however Snort does not seem to be generating any logs for this.


    I suspect the problem may lie with the whitelist & blacklist rule files that I dont have and am unaware of where to get them


    I have attached my output when running snort in IDS mode and also my snort.conf file in 3 seperate parts due to the filesize limit being 20.kb for a .txt file


    Any help is greatly appreciated

    Attached Files:

  2. ryanvade

    ryanvade Administrator Staff Member Staff Writer

    Messages:
    1,260
    Likes Received:
    429
    Trophy Points:
    83
    why do you need so many ports open for web servers?
  3. Rameez Qureshi

    Rameez Qureshi New Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    I am not running a web server and have not touched the web server port section

Share This Page