[Snort-users] Where are portscans stored ?

Kevin Riggins kriggins at ...5810...
Thu Jun 20 05:25:04 EDT 2002


When loggin to a database, you have to change the log level from log to
alert.  Portscans will then be logged to the database and the
portscan.log file.

Kevin

On Wed, 2002-06-19 at 09:09, Hilton De Meillon wrote:
> Hey All,
> 
> Yesterday I changed my snort config to log its info to a Mysql database. Are
> portscans now logged to the database or to the /var/log/snort/portscan.log
> file ?, 
> because when I purposely portscan my machine form another machine (using
> nmap) it picks them up in ACID ??. 
> 
> Second question (semi-OT) : I am running ACID v0.9.6b21 and when I portscan
> my box using nmap (tcp or udp scan) the status page says that the have
> been no portscans  Anyone experiencing the same thing ?.
> 
> Hilton.
> 
> 
> Hilton De Meillon
> Brait IT
> Tel.  011-5071342
> Fax. 011-5071343
> Cel.  082-4590710
> hdemeillon at ...5498...
> 
> 
> "Common sense is the collection of prejudices acquired by age eighteen."
> - Albert Einstein
> 
> 
> 
> ----------------------------------------------------------------------------
>                    Bringing you mounds of caffeinated joy
>                    >>>     http://thinkgeek.com/sf    <<<
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users






More information about the Snort-users mailing list