[Snort-users] Acid Not Logging

Roelof JT Jonkman roel at ...47...
Wed Mar 20 11:13:02 EST 2002


Agpiah,

> I have scanned the box Snort is running on with Nmap
> and not a flicker.

spp_portscan is hardwired to generate alerts, you have two options
on the database plugin log and alert, I'll bet you with pretty
good odds that your database plugin is configured to 'log'.

Authorative (Marty) answers on logging vs. alerts:

http://www.theadamsfamily.net/~erek/snort/logging_methods.txt

(And thanks to Erek for putting this up.)

		roel





More information about the Snort-users mailing list