[Snort-users] snort against portscan

alexus mail at ...1679...
Tue Mar 27 22:26:48 EST 2001


Hi, I downloaded latest version of snort

I compiled it, everything went smootly then I had to create /var/log/snort
directory
and once i run snort (I run it by command: snort -Dsc
/usr/local/bin/snort.conf)
it create file portscan.log which is always 0 bytes even if someone scaned
me..
I dont understand how is exactly snort works.. what am I missing?

oh also after I compiled snort i went and download complete rules
(http://www.snort.org/Files/03152001/snortrules.tar.gz)
and it replaced snort.conf file and i had to create local.rules.. which is
empty..






More information about the Snort-users mailing list