Hi, Debian Unstable snort: Installed: 1.8.6-3 Candidate: 1.8.6-3
I have installed snort and I'm getting no email alerts, and the daily reports are blank. Once a day I get an email report from snort which is basically blank, here is the top part of it: Subject: snort daily report The log begins from: :: The log ends at: :: Total events: 0 Signatures recorded: 0 Source IP recorded: 0 Destination IP recorded: 0 When I run snort manually using: 'snort -v -i ppp0' I can see the traffic. I ssh to a remote box I have root privs on and run a nmap -sS and can see my scan scolling up the screen. My question is why no emailed alerts? This is how I installed it: apt-get install snort , then I configured it (below is snort.debian.conf DEBIAN_SNORT_HOME_NET="10.0.0.0/24" DEBIAN_SNORT_OPTIONS=" -i ppp0" DEBIAN_SNORT_STATS_RCPT="alerts" DEBIAN_SNORT_STATS_TRESHOLD="1" snort is running. Any help is appreciated. regards, T. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]