Snort mailing list archives
RE: ACID not recording attacks
From: "Hicks, John" <JHicks () JUSTICE GC CA>
Date: Fri, 15 Nov 2002 16:16:46 -0500
Try changing the DB output setup from: output database: log, mysql, <other options> to: output database: alert, mysql, <other options> hth, John -----Original Message----- From: Al Cooper [mailto:alc () 2wh com] Sent: Thursday, November 14, 2002 3:25 PM To: snort-users () lists sourceforge net Subject: [Snort-users] ACID not recording attacks I am new to Snort. I have built a database box and one sensor as per the Steven Scott's how-to using "Snort, MySql, SnortCenter and ACID on Redhat 7.3". Everything on the SnortCenter side looks good (no errors that I can find). I have lunched several nmap scans against my IP and ACID/Snort is not recording any attacks. The nmap traffic is getting to my box. I can see the by using TCPDump. What would cause attack not to be recorded yet no errors are being reported to SnortCenter? Thanks for your help, Al Cooper Senior Network Engineer Technology Lynx ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID not recording attacks Al Cooper (Nov 14)
- <Possible follow-ups>
- RE: ACID not recording attacks Hicks, John (Nov 15)