[Snort-users] portscan2 output

phani kumar phanichv at ...3390...
Thu Apr 15 10:22:04 EDT 2004


An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040415/9bc73f34/attachment.html>
-------------- next part --------------
Hi everybody,

I am new to snort. Please help me out.
Does portscan2 preprocessor work with alert_CSV output plugin ? If it works, how to specify that in snort.conf file?

I actually want various fields of ip, tcp headers to be logged in some format, which can be done by alert_CSV plugin. But the portscan2 plugin does not give any alert with this plugin. It only gives some details in the log file.

Can any one help me how to get all the different fields of ip, tcp, icmp headers to be logged using portscan2 preprocessor?

--phani

CH.V.PHANI KUMAR
239, Brahmaputra Hostel
IIT Madras,
Chennai - 600036

Cell - 9444103019


More information about the Snort-users mailing list