Snort mailing list archives

Snort and alert file

From: ftnx () ksbase com (Kari Suomela)
Date: Tue, 21 Aug 2001 21:09:02 -0500


Tuesday August 21 2001 15:21, Justin Tabish wrote to All:


 JT> Been running snort for 3 days and I've been getting portscans and
 JT> unprivliaged accesses to my system yet my alert file is 0bytes ... 
 JT> How
 JT> can I fix this cause I would like to have this thing work. I do 
 JT> not
 JT> use -A Full and I'm using the most current rulesets from snort.org

I had that, too. Logging to mysql improved the situation slightly, but 
only a fraction of the 'attacks' get logged.

 KS

   KARICO Business Services
   Toronto, ON Canada
   http://www.karico.ca


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort and alert file Justin Tabish (Aug 21)
- Snort and alert file Kari Suomela (Aug 21)