cancel
Showing results for 
Search instead for 
Did you mean: 

Snort in Linux

vwhk_1
Advisor

Snort in Linux

Hi,

I've installed Snort 1.9.1 on Linux (Redhat) box 7.2 which comes with 2 nodes, one is assigned IP for management and other is no IP assign plugged in between the DataCentre's internet network and our own firewall that to monitor the intrusion from internet. We configured a port to monitor one VLAN on switch. It suppose to record down the traffic packets between internet and our one local subnet in that Vlan. But there is an error at each record "SNMP missing community string attempt". So I can use ACID to view them from database. Please give me some adivce. Thanks!

Vincent
2 REPLIES
U.SivaKumar_2
Honored Contributor

Re: Snort in Linux

Hi Vincent,

you may have that switch with SNMP enabled. Disable SNMP in all our exposed network devices if you dont use it.

Also you can put a access list in the internet gateway router to prevent SNMP probes from Internet.

regards,
U.SivaKumar
Innovations are made when conventions are broken
vwhk_1
Advisor

Re: Snort in Linux

Hi,

I've checked the snmp service is enabled on the switch. What other factor make the error?

Thanks!
Vincent