[Snort-users] Snort for Windows, MySQL and ACID question
jgiles at ...6534...
Thu Aug 8 19:42:02 EDT 2002
I was having the same problem... One thing I did was make sure that the portscan.log gives the proper permissions...
Mine is set 644. I still don't see any port scan activity as far as the Bar Graph goes (BUG???), but if you select an IP address from anywhere, there is a PORTSCAN option that you can select to view the portscan.log file filtered for the IP address.
Hope this helps :)
> > I am running Snort, MySQL and ACID on a Windows 2000 Professional machine.
> > When I run a port scan, I do not see any port scan activity showing up in ACID. Any ideas on where to look to see why this is not happening? I assume that I am missing a rule somewhere, but I am not sure.
> > Thanks....
> rtff - read the f(ine) faq:
> stfa - search the f(ine) archives:
> google is your friend:
> snort helps them what helps themselves...
> <rant - not directed completely at you, shawn, but consider yourself
> within the blast radius...>
> fer cryin' out loud, what is it with people? get 'em on the internet
> and they automatically lose 50 points of iq?! seems that some of 'em
> can't spare it to begin with.
> google. mailing list archives. faqs. how-tos. documentation written
> by users.
> it's all out there -- use it.
> okay, stop me if this gets complicated. on a mailing list you do
> something called lurking. read for a week, just listen -- don't say
> anything. get the feel of the people who write and the temperament of
> the list in general. newbies can get help, but be prepared to get
> whacked for not doing your homework.
> yes, i know i could have spent less time just answering the question,
> but this is like taking the time to write a script so next time you
> invest a lot less time. yes, i know that this could be construed as
> rude, but consider that you've just committed the equivalent of butting
> into a card game and asking "are you playing cards?"
> if you are going to ask for help, send the relevant information. here
> it is again.
> - version of os (win2k, redhat 7.2, obsd 3.1-stable...)
> - version of snort (do a snort -V)
> - version of acid (look at the bottom of the page - if it isn't
> 0.9.6.b21, don't ask until you've installed it)
> - version of barnyard, if applicable (barnyard -V)
> - version of your database (mysql -V [getting to see a pattern here?])
> if you've read the faqs, read the how-tos, looked it up in google and
> the mailing list archives AND THEN you're unable to get your problem
> taken care of, THEN BY ALL MEANS ask for help. prove to me that you
> aren't some lazy freakin' snot out to waste our time and energy and
> goodwill, and i'll stay around and help you.
> this isn't meant for just this list either. this is for all of 'em.
> fly tying, tie-dying, hang-gliding, programming GLIDE, programming perl,
> perl on an OS, OS miscellaneous (criminey, you should see what they do
> to stupid users on obsd-misc...), bondage sites, mailservers lists,
> do your homework. do for yourself.
> then ask.
> i'm going home, beers and chicken need drinking and barbequeing (in that
> - chris
jgiles at ...6534...
AOL ID: mcigiles