SNORT rule does not work!

Home Page Forums Network Management Snort IDS SNORT rule does not work!

This topic contains 1 reply, has 0 voices, and was last updated by  pink-hat 1 year, 4 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #44828

    pink-hat
    Member

    hello

    I have a problem.
    I do these steps of snort for adjusting rule. (with Kali version in vmware)

    1. cd /etc/snort/rules
    2. sudo nano twitter.rules
    3. reject tcp any any -> any any (content:”www.twitter.com”;msg:”Block lists”;sid:1000001; )
    4. sudo nano /etc/snort/snort.conf
    5. Add –> include $RULE_PATH/twitter.rules
    6. sudo snort -A console -i eth0 -c /etc/snort/snort.conf -l /var/log/snort -K ascii

    after this steps , I received this message “commencing packet processing”
    but when I want to open twitter site , sometimes this site does not open but sometimes open!
    and also the msg for rule does not appear!

    I want to know why I can’t block the site and get this message?!

    thanks

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.