[Snort-users] using flow_portscan with acid

Adam Denenberg straightflush at ...11827...
Tue Jul 13 07:24:06 EDT 2004


i enabeld flow_portscan in snort 2.2.0-RC1 as a replacement for
portscan2.  however i would like the portscan traffic to show up in
the acid main console screen but it does not.
 
  i am using unififed output with barnyard logging to a remote
database.  The flow_portscan alerts show up when i go to "unique
alerts" but not in the main page.

 is there any way to integrate these two?  Do i need to enable
portscan2 for this to work ?

thanks
adam




More information about the Snort-users mailing list