[Snort-users] MySql-Acid logging

Shawn Duffy pakkit at ...5471...
Fri Apr 18 13:45:07 EDT 2003


Make sure that you are scanning from somewhere other than $HOME_NET...
there are some websites that will do this for you though I can't think of
them... also make sure that your config for ACID is pointing to the
correct location of your portscan log....  is this running on windows?

Shawn Duffy, CCNA CCSA
email: pakkit at codepiranha dot org
web: http://codepiranha.org/~pakkit
gpg key: http://codepiranha.org/~pakkit/pakkit.asc
gpg fpr: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
having problems reading email from me? http://codepiranha.org/~pakkit/pgp-trouble.html


On Fri, 18 Apr 2003, Cilin wrote:

> Hi guys,
>
> I just set up Snort as a service and all the juicy
> programs along with it. When I open the acid_main.php
> i have no evidence of any intrusion(everything is 0).
> Do you guys know a program or a way i can generate an
> alert so i test to see if my configuration works.
>
> Also would a port scan be considered an alert, because
> i try scanning from a home network but no alerts were
> detected. I am blaming this on the network switch
> rather than the alert problem.
>
> thnks for any input in advance,
>
>
> =====
> "Knowing others is wisdom, knowing yourself is Enlightenment." -Lao Tzu
>
> __________________________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo
> http://search.yahoo.com
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>




More information about the Snort-users mailing list