[Snort-users] Port Scan traffic not showing

Paul Hrolenok paul.hrolenok at ...3147...
Mon Jan 6 18:18:04 EST 2003


Nick 

	If you are using the default setup with a MySQL db then you will need
to change the output plugin line in your snort.conf file to use the
"alert" facility rather than "log".  look for the line 

output database: log, mysql, user=x password=x dbname=x host=x

and change it to read

output database: alert, mysql, user=x password=x dbname=x host=x

This is somewhere either in the list archives or the docs don't remember
where I found it. :-)

On Mon, 2003-01-06 at 11:46, linuxnews at ...7917... wrote:
> I recentely installed Snort and i'm using the Acid console for output, I 
> can't seem to get logs though for port scan traffic, i've done multiple 
> port scans on the network but nothing is showing up.  I made sure that the 
> port scan rules were not commented out, I'm wondering if it's because we 
> have a token ring network?  Does anyone have any ideas?
> 
> Thanks!
> Nick
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- 
Paul Hrolenok <paul.hrolenok at ...3147...>





More information about the Snort-users mailing list