[Snort-users] Stupid question
pblaauw at ...772...
Mon Nov 13 03:52:27 EST 2000
*dons newbie clothing*
I'm running snort as a test in the following way:
[root at ...783... snort-1.6.3] ./snort -dev -l /var/log/snort -h
127.0.0.1/32 -c rules.local
rules.local is just the updated rules file you guys were kind enough to
reference me to.
When I portscan my localhost with eg. nmap in the following way -
[root at ...783...] nmap -sT -O -v 127.0.0.1
[root at ...783...] nmap -sS -O -v 127.0.0.1
it does log it to the alerts file, but not the portscan.log
Now in my infinate newbie status I've just portscanned the localhost with
nmap, and snort isn't picking it up or not logging it...
Or am I falling of the bus completely?
More information about the Snort-users