i installed the snortmysql rpm
and followed the rest of the rh snort mysql whitepaper from snort.org
snort is producing logs but acid is picking anything up
how can i test to make sure that acid can read ?
i copied the snortd script listed ont he whitepaper and also noticed that it has eth0 specified as the interface for snort
i have a computer with 2 nics and have eth1 for sniffing. do i have to change the entry to eth1?
and how to i check what interface snort is using ?
thanks for your time in advance.
Rigoberto De La Portilla -=[MCSE, WCSP]=-
http://cb0.net/~rigo