[Snort-users] emty logs
decker78 at ...8908...
Thu Apr 17 07:26:34 EDT 2003
I recently configured Snort...as a newbie i don't know all the ins and outs
and maybe i didn't get the whole IDS story .
I'm portscanning myself crazy , but i can't see anything in the logs . They
stay empty all the time .
any ideas ? (i use iptables on the linux server )
Starting with :
snort -v -c /etc/snort.conf -D -i eth0
var HOME_NET 192.168.0.1/24
var EXTERNAL_NET any
var SMTP $HOME_NET
var RULE_PATH /root/Snort_Rules
preprocessor stream4: detect_scans
preprocessor portscan: $HOME_NET 4 3 portscan.log
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users