AW: [Snort-users] portscan traffic

Poppi, Sandro Sandro.Poppi at ...3316...
Wed Jul 31 03:42:03 EDT 2002


first of all you'll have to activate the portscanning preprocessor in your
snort.conf (take a look at the shipped snort.conf where good explanations
are included, or use the Snort User's Manual and the FAQs for more info on
that). Then use nmap (www.insecure.orgt/nmap) to scan systems located where
snort listens (BTW, fyodor just released nmap 3.00 a few minutes ago! If doesn't work try using the ip# in the hope dns entry is not
spoofed 8).

> I'm running Snort+ACID+Postgresql and I'd like to know if snort is 
> dtecting portscan traffic, because I see lots of alerts, but none 
> related to portscan traffic. What should I do to test that snort is 
> detecting portscan traffic?.
> Thanks in advance
> -------------------------------------------------------
> This email is sponsored by: Dice - The leading online job board
> for high-tech professionals. Search and apply for tech jobs today!
> _______________________________________________
> Snort-users mailing list
> Snort-users at
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:

More information about the Snort-users mailing list