[Snort-users] ADSL with Border IDS config problem
erek at ...577...
Thu Feb 28 03:35:03 EST 2002
On Thu, 28 Feb 2002, Mysq wrote:
> The problem:
> Snort doesn't log or alert to any attacks or
> portscans coming in from the
> internet. (nmap using different options and the
> site Shields up which port
> scans your IP and displays results).
> I checked to see if the actual installation
> works by connecting a machine to
> Hub1 and running a portscan - snort picked it up
> successfully. When a portscan is run from the
> internet on the firewall
> public IP (ppp0) - snort doesn't pick it up.
To just take a guess, I'd bet it was a auto-sensing hub. With that in mind,
I'd also think that http://www.snort.org/docs/faq.html#6.21 is the key to your
More information about the Snort-users