[Snort-users] alert file
ag-snort at ...7149...
Wed Oct 23 20:59:02 EDT 2002
Ok, not to be harsh, but you SOUND really new.
1. Learn everything you can about snort, its functions, option and plugins
- I recommend reading the Snort Users Manual
2. Familarize yourself with TCP/IP
- I recommend reading "TCP/IP Illustrated Vol 1" By R. Stevens
3. If snort gives you an alert, it also gives you a "reference", go read
about that specific attack.
4. Use google. (this is your best friend).
And to your question, access_log is pertaining to apache. I suggest also
reading about what your using. Looks to me
your just running default installs of things.
I see you mentioned debian, im almost positive you used its package
system. Try grabbing the lastest stable
or grabbing it via snapshots/ directory. Rolling Your Own is the best
method for a new snort user.
And read my signature(below) and apply that to _EVERYTHING_ ;-)
 http://www.snort.org/docs/writing_rules (html)
Hope it helps
The secret to success is to start from scratch and keep on scratching.
More information about the Snort-users