[Snort-users] ACID Reporting and Portscans

Joe Giles jgiles at ...6534...
Tue Aug 6 09:03:07 EDT 2002


Probobly a simple setup issue, but I cant get any data from ACID's Portscan Traffic. I get data from my portscan preprocessor. I can generate a file /var/log/snort/portscan.log (Owned by root) and the file is working, and I have it set up in the acid_conf.php file, I have $portscan_file = "/var/log/snort/portscan.log"; set. But, Im not ever getting any port scan traffic. I can see different port scan information in the logs, but isnt it supposed to generate portscan spicific info?

Thanks

Joe Giles
jgiles at ...6534...
AOL ID: mcigiles




More information about the Snort-users mailing list