i have installed Sophos utm software 9.200-11 on my virtual machine.
(1 cpu @ 2.60GHz, 2 Gb ram, 2 NIC Realtek Fast Ethernet (RTL-8139) and 50GB IDE HD).
i try to set ips like the manual, (enable on lan and other config like tcp/udp/icmp flood) but when i start it live log says:
2014:03:07-14:51:44 Sobox snort[7238]: ===============================================================================
2014:03:07-14:51:44 Sobox snort[7238]: dcerpc2 Preprocessor Statistics
2014:03:07-14:51:44 Sobox snort[7238]: Total sessions: 0
2014:03:07-14:51:44 Sobox snort[7238]: ===============================================================================
2014:03:07-14:51:44 Sobox snort[7238]: ===============================================================================
2014:03:07-14:51:44 Sobox snort[7238]: SIP Preprocessor Statistics
2014:03:07-14:51:44 Sobox snort[7238]: Total sessions: 0
2014:03:07-14:51:44 Sobox snort[7238]: ===============================================================================
2014:03:07-14:51:44 Sobox snort[7238]: Could not remove pid file /var/run//snort_16000.pid: Permission denied
2014:03:07-14:51:44 Sobox snort[7238]: Snort exiting
i have tryied for example nmap online or portscan by my lan but the log doesn't say nothing...
where i wrong? possible network incompatibility? (i can choose one of this types of nic drivers:
intel gigabit ethernet, NE2000(not completly recognize uplink status), Pcnet32(Am79c970), Virtual Gigabit Ethernet (Required VM drivers only for windows), and Realtek that i used
sorry for my bad english i hope you understand what i want to say...
thanks all
ps: i have tryied to set action "Log event only" into port-scan tab but nothing...
This thread was automatically locked due to age.
