[Snort-users] Where is $portscan_file log file ????

Dhruv Chandra dhruvc at ...125...
Wed Dec 11 11:47:04 EST 2002


Thanks for the info as to  where the variable is. But I am unable to find 
where the Portscan Log file is :(.

Is it created by default when snort is run or is there a special switch one 
needs to  use ??

Please help ..

Thanks a ton.



>From: "Hicks, John" <JHicks at ...5857...>
>To: 'Gary Borgeson' <gborgeson at ...7012...>, "Snort Users (E-mail)" 
><snort-users at lists.sourceforge.net>
>Subject: RE: [Snort-users] ACID Portscan Traffic (0%)
>Date: Wed, 11 Dec 2002 11:12:41 -0500
>From the config doc
>[OPTIONAL for Snort portscan pre-processor support]
>$portscan_file  : full path to a Snort portscan log file
>set this in acid.conf.
>John Hicks
>John Hicks
>-----Original Message-----
>From: Gary Borgeson [mailto:gborgeson at ...7012...]
>Sent: Wednesday, December 11, 2002 10:22 AM
>To: 'snort-users at lists.sourceforge.net'
>Subject: [Snort-users] ACID Portscan Traffic (0%)
>On the ACID main page we have Traffic Profile by Protocol including 
>Traffic. This % has stayed at 0 since day one. Even when I launch my own
>scan it stays at 0%. There is plenty of stuff in portscan.log. How should I
>interpret this?
>Thanks, G
>This sf.net email is sponsored by:
>With Great Power, Comes Great Responsibility
>Learn to use your power at OSDN's High Performance Computing Channel
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>Snort-users list archive:

The new MSN 8: smart spam protection and 2 months FREE*  

More information about the Snort-users mailing list