Portscan Error (SnortCenter + ACID)

["Read, Andrew" <andrew.read () nz teletech com>]

Hi all,

I am running SnortCenter (0.9.6)/ACID(0.9.6b23)/MYSQL with a remote snort
sensor.

I am trying to get the portscan reporting working (I can get entries from
using alert, but want to get the file loading from acid too).

At this stage I am manually copping the portscan.log file from the sensor to
/var/log/snort/ on the Acid box.

I get the following error:

Warning: fopen("/var/log/snort/portscan.log", "r") - Permission denied in
/var/www/html/acid/acid_stat_ipaddr.php on line 50
PORTSCAN EVENT ERROR: Unable to open Portscan event file
'/var/log/snort/portscan.log'

The file will load if I move it to the /var/www/html/acid directory, and
make the corresponding changes to the acid conf file.

I am not very experienced with linux, and I'm guessing this might be pretty
straightforward for a lot of you.

Regards,

Andrew


************************************************************
The information contained in this email is confidential and
may be legally privileged. If the reader of this message is
not the intended recipient you are hereby notified that any
use, dissemination, distribution, or reproduction of this 
message is prohibited. If you have received this message in
error please notify the sender and delete all copies of this
message including any attachments it may contain.
The email or its content does not necessarily represent the 
views of the company.
************************************************************


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users