Re: Port Scan traffic not showing

[Paul Hrolenok <paul.hrolenok () verizon net>]

Nick 

        If you are using the default setup with a MySQL db then you will need
to change the output plugin line in your snort.conf file to use the
"alert" facility rather than "log".  look for the line 

output database: log, mysql, user=x password=x dbname=x host=x

and change it to read

output database: alert, mysql, user=x password=x dbname=x host=x

This is somewhere either in the list archives or the docs don't remember
where I found it. :-)

On Mon, 2003-01-06 at 11:46, linuxnews () wormfishin com wrote:
> I recentely installed Snort and i'm using the Acid console for output, I 
> can't seem to get logs though for port scan traffic, i've done multiple 
> port scans on the network but nothing is showing up.  I made sure that the 
> port scan rules were not commented out, I'm wondering if it's because we 
> have a token ring network?  Does anyone have any ideas?
>
> Thanks!
> Nick
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- 
Paul Hrolenok <paul.hrolenok () verizon net>



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users