Ben's notes

Linux, Unix, network, radio...


snort_2.9.6.1_centos_6.5

Differences

This shows you the differences between two versions of the page.

snort_2.9.6.1_centos_6.5 [2014/05/09 07:01] adminsnort_2.9.6.1_centos_6.5 [2014/06/10 12:04] admin
Line 1: Line 1:
 +{{tag>[security snort centos6.5]}}
 +=====Snort 2.9.6.1 on CentOS 6.5=====
 ====Install prerequisites==== ====Install prerequisites====
   * EPEL repo   * EPEL repo
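Review bot: The square brackets in the added line `{{tag>[security snort centos6.5]}}` look like they were copied from a syntax description where they mark a placeholder. Assuming this is the DokuWiki tag plugin, it takes a plain space-separated list, so as written the first and last tags would likely end up as `[security` and `centos6.5]`. Suggest `{{tag>security snort centos6.5}}`.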
Line 18: Line 20:
  
 ====Test rule==== ====Test rule====
-Put as last line in snot.conf+Put as last line in snort.conf
   alert icmp any any -> 1.2.3.4 any (msg: "Gateway ping"; sid:10000001;)   alert icmp any any -> 1.2.3.4 any (msg: "Gateway ping"; sid:10000001;)
  
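Review bot: The test rule on the context line under the corrected sentence still has no `rev:` option, which matches the `[1:10000001:0]` in the sample alert further down the page. Suggest adding `rev:1;` after the `sid` while this section is being touched. The typo fix itself (`snot.conf` to `snort.conf`) is correct. It would also be cleaner to tell the reader to put the test rule in a local rules file included from snort.conf, so that it is easy to find and remove afterwards.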
Line 28: Line 30:
 05/09-09:00:07.666729  [**] [1:10000001:0] Gateway ping [**] [Priority: 0] {ICMP} 6.7.8.9 -> 1.2.3.4 05/09-09:00:07.666729  [**] [1:10000001:0] Gateway ping [**] [Priority: 0] {ICMP} 6.7.8.9 -> 1.2.3.4
 </code> </code>
-</code>+ 
 +You can even show contents of the packets with tcpdump 
 +  tcpdump -r snort.log.1399615922
  
  
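Review bot: The added sentence promises the contents of the packets, but `tcpdump -r snort.log.1399615922` prints only a one-line header summary per packet. Suggest adding `-X` (hex and ASCII payload) and `-nn` (no name or port resolution), i.e. `tcpdump -nn -X -r FILE`. The hard-coded file name is also specific to one capture: the suffix looks like that run's start timestamp, so the page should use a placeholder and say which log directory the file is in. Removing the stray second `</code>` is correct.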
snort_2.9.6.1_centos_6.5.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1