Re: Where are portscans stored ?

[Kevin Riggins <kriggins () comdev com>]

When loggin to a database, you have to change the log level from log to
alert.  Portscans will then be logged to the database and the
portscan.log file.

Kevin

On Wed, 2002-06-19 at 09:09, Hilton De Meillon wrote:
> Hey All,
>
> Yesterday I changed my snort config to log its info to a Mysql database. Are
> portscans now logged to the database or to the /var/log/snort/portscan.log
> file ?, 
> because when I purposely portscan my machine form another machine (using
> nmap) it picks them up in ACID ??. 
>
> Second question (semi-OT) : I am running ACID v0.9.6b21 and when I portscan
> my box using nmap (tcp or udp scan) the status page says that the have
> been no portscans  Anyone experiencing the same thing ?.
>
> Hilton.
>
>
> Hilton De Meillon
> Brait IT
> Tel.  011-5071342
> Fax. 011-5071343
> Cel.  082-4590710
> hdemeillon () brait com
>
>
> "Common sense is the collection of prejudices acquired by age eighteen."
> - Albert Einstein
>
>
>
> ----------------------------------------------------------------------------
>                    Bringing you mounds of caffeinated joy
>                    >>>     http://thinkgeek.com/sf    <<<
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
                   Bringing you mounds of caffeinated joy
                   >>>     http://thinkgeek.com/sf    <<<

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users