[Snort-users] portscans and ACID

Omar McKenzie omckenzi at ...4479...
Thu Mar 21 21:07:03 EST 2002


you don't need the first output statement
  ----- Original Message ----- 
  From: Mike Macias 
  To: snort-users at lists.sourceforge.net 
  Sent: Tuesday, March 19, 2002 3:58 PM
  Subject: [Snort-users] portscans and ACID


  I've been looking through the snort users archive and found plenty of documentation on how to get ACID to see portscans.  I've finally got things working, however I'm a little concerned about my solution.  In snort.conf I have 2 output plugins specified:

  output database: log, mysql, user=snort password=abcdef dbname=snort_db host=localhost 
  output database: alert, mysql, user=snort password=abcdef dbname=snort_db host=localhost (so that ACID can see portscans)

  Will having 2 outputs specified adversely affect any data in the MySQL db?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020321/272616c8/attachment.html>


More information about the Snort-users mailing list