[Snort-users] Stupid question

Pieter Blaauw pblaauw at ...772...
Mon Nov 13 03:52:27 EST 2000


Hi People

*dons newbie clothing*

I'm running snort as a test in the following way:

[root at ...783... snort-1.6.3] ./snort -dev -l /var/log/snort -h
127.0.0.1/32 -c rules.local 

rules.local is just the updated rules file you guys were kind enough to
reference me to.

When I portscan my localhost with eg. nmap in the following way -

[root at ...783...] nmap -sT -O -v 127.0.0.1

or with 

[root at ...783...] nmap -sS -O -v 127.0.0.1

it does log it to the alerts file, but not the portscan.log

Now in my infinate newbie status I've just portscanned the localhost with
nmap, and snort isn't picking it up or not logging it...

Or am I falling of the bus completely?

Kind regards
Pieter




More information about the Snort-users mailing list