[Snort-users] ACID Portsacan Trafic

Alireza Naderi alireza at ...7551...
Sun Dec 15 07:49:02 EST 2002

Hi guys

I have a problem with ACID
I know for Portscan Trafic,i shuold configure acid_conf.php
and i should set the "$portscan_file" variable.
but i want to know wich log file is refer to portscan_file
Realy, snort make 2 log files : scan.log and alert
I set that variable with scan.log "$portscan_file=/var/log/snort/scan.log"
but it is not working and still Portsacn Traffic=0%

Does it should make another log file for portscan? how i configure it?
do you think i have miss configurations?

Thanx in advance

More information about the Snort-users mailing list