Thomas Madhavan wrote:
> Hi guys,
>
> I'm a pretty new user to Linux, and I want to set up some sort of protection
> for my box. I have snort installed and I'm looking for rulesets - the
> problem I have is this:
>
> When I run snort, it runs in a terminal. How exactly do I set snort to just
> run in the background, collecting unusual packets? I'm sure there must be a
> way.
From the snort man page:
-D Run Snort in daemon mode. Alerts are sent to
/var/log/snort/alert unless otherwise specified.
> Also, is Hogwash a suitable tool to use instead of/as well as snort? I need
> something that is relatively simple but also effective.
Sorry, can't help here - never used it.
Jeff
> Regards,
>
> Thomas Madhavan
>
>
>
>
