[Snort-users] Snort on ACID Portscan problem

Uhte, Russ RussU at ...6702...
Mon Aug 26 10:19:05 EDT 2002


Joshua,
I'm using mysql for logging...  I had to change the setting in the
snort.conf file that said "output database: log ...." to "output database:
alert"  Something about the preprocessor uses the alert instead of log
function I think!!
-Russ


-----Original Message-----
From: Joshua Rogers [mailto:josh at ...6676...] 
Sent: Monday, August 26, 2002 12:01 PM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort on ACID Portscan problem


Message>Problem solved thanks!!
What was the solution? I am experiencing the same thing; portscan.log file
is full of traffic, but it does not show up in acid.
Thanks,
Joshua Rogers
Webmaster
InterPlanetary Web Services
303-940-2597
IBO# 60092


----- Original Message -----
From: Uhte, Russ
To: Uhte, Russ ; 'snort-users at lists.sourceforge.net'
Sent: Monday, August 26, 2002 10:22 AM
Subject: RE: [Snort-users] Snort on ACID Portscan problem


Problem solved thanks!!
-Russ
-----Original Message-----
From: Uhte, Russ [mailto:RussU at ...6702...]
Sent: Monday, August 26, 2002 10:54 AM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] Snort on ACID Portscan problem


Hello all,
I can't seem to get ACID to look at my portscan.log file.  I have the
statement
$portscan_file = "c:\snort\logs\portscan.log";
in the acid.conf file, however, when I view the site, and click portscan
traffic, nothing shows up... even when there is stuff in the portscan.log
file....
Any ideas would be appreciated!!
Thanks,
Russ

Russ Uhte, CCNA, MCP, A+
Network Administrator
Richmond Power & Light
Parallax Systems Division











---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---



---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---



-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
---
[This E-mail scanned for viruses by Declude Virus]


---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---




More information about the Snort-users mailing list