Re: FW: snort 2.9.4.6 not logging

[Maged Shenouda <maged67 () hotmail com>]

Here is how my system setup
 
Cisco ASA 5500 firewall connected to the SUSE Enterprise 11 Linux proxy/firewall server, all the traffic to and out of 
network pass through the Linux proxy server, this is where I setup the snort to monitor the traffic on the network card 
connected to the cisco device. Nothing is encrypted on the linux server. Obviously there are tons of traffic going on 
the proxy server.
 

 
> Date: Tue, 23 Jul 2013 13:29:15 -0400
> From: wkitty42 () windstream net
> To: snort-users () lists sourceforge net
> Subject: Re: [Snort-users] FW:  snort 2.9.4.6 not logging
>
> On 7/23/2013 12:29, Maged Shenouda wrote:
> > Thanks for the feedback, so all those rules files that are included in the
> > /snort/rules and those that are included in the snort.conf are not alerting any
> > suspecious traffic? wow my system must be very secure and not attracting any one?
>
> secure is one thing... attracting attention is another ;)
>
> what servers do you run on your protected network behind snort? if there's no 
> servers available to the public, there's nothing for anyone to mount a frontal 
> attack on... of course, snort must be able to see the traffic, too... if it is 
> in encrypted tunnels, snort may not see it...
>
> if you have no infestations internally, then there's no outbound alerts to be 
> raised letting you know about the infestations... of course, snort must be able 
> to see the traffic, too... if it is in encrypted tunnels, snort may not see it...
>
>
> -- 
> NOTE: No off-list assistance is given without prior approval.
>        Please keep mailing list traffic on the list unless
>        private contact is specifically requested and granted.
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!