Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: ACID and portscan reporting

From: "Karen Marino" <kmarino () returncentral com>
Date: Tue, 16 Oct 2001 09:38:17 -0400
The FAQ says to change the output line in your snort.conf to:

output database: alert, mysql, user=user dbname=snort host=localhost

My question is, does this stop snort from logging to the log file and
the database?  I like that I have it logging to both.  Sorry, I'm new to
this.

Karen


-----Original Message-----
From: roman () danyliw com [mailto:roman () danyliw com] 
Sent: Monday, October 15, 2001 8:05 PM
To: Lists
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] ACID and portscan reporting 

The database plugin probably has not been configured correctly to
support portscans.
See Question #B-7 of the ACID FAQ:
http://acidlab.sourceforge.net/acid_faq.html

Roman


On Wed, 19 Sep 2001, Lists wrote:


I see that port scans are being logged to alert.ids, yet nothing

shows

up in ACID under portscans.

All of the rules seem to be working fine.  I am sure this is

probably

something simple that I am overlooking.

Anybody?



Ben

Keepper


---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: