first, start snort. after start snort, open terminal, and type "pico /etc/snort/snort.conf "
now, we can edit like this :
edit var HOME_NET any, to be like this var HOME_NET "your ip".
to finish, press "ctrl+x", "y" and press "enter".
now we can run snort.
in terminal we can type "snort -i eth0 -q -c /etc/snort/snort.conf -A console" if we use wireless, we can change "eth0" with "wlan0".
our alarm ready to "ring".
the respond if there is an attacker :
-=CMIIW=-
dre ajari quu yg muu bsa,,,
ReplyDeleteusing english please.. :P
ReplyDeleteThis comment has been removed by the author.
ReplyDeletemeybe you can read it to your reference about your problem :D
Deletehttps://groups.google.com/forum/?fromgroups#!topic/snortusers/SqZFDXpH6gU
http://ubuntuforums.org/showthread.php?t=1362802
I entered this snort -i wlan0 -q -c /etc/snort/snort.conf -A console
ReplyDeleteand all i get is a blinking cursor i ran nmap and it did not pick any
thing up am i doing something wrong?
did you have been setting "/etc/snort/snort.conf" with your ip?
Deletei has been tried it a minute ago, if on one of operating sytem it can't be worked.. so are you have been try to using nmap on another computer to try the scanning..and it's worked.
Delete