Snort mailing list archives
Re: ACID not reporting Portscan Traffic...sort of...
From: "mike Hughes" <mikehughes013 () hotmail com>
Date: Wed, 26 Mar 2003 16:02:53 -0800
Hey whats up! Did you find a solution for this problem cause i go the exact same problem!
From: "Tobias Rice" <rice () up edu> To: <snort-users () lists sourceforge net> Subject: [Snort-users] ACID not reporting Portscan Traffic...sort of... Date: Mon, 24 Mar 2003 16:33:16 -0800 MIME-Version: 1.0Received: from mc10-f34.bay6.hotmail.com ([65.54.166.170]) by mc10-s1.bay6.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Mon, 24 Mar 2003 16:35:59 -0800 Received: from sc8-sf-list2.sourceforge.net ([66.35.250.206]) by mc10-f34.bay6.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Mon, 24 Mar 2003 16:35:59 -0800 Received: from sc8-sf-list1-b.sourceforge.net ([10.3.1.13] helo=sc8-sf-list1.sourceforge.net)by sc8-sf-list2.sourceforge.net with esmtp (Exim 3.31-VA-mm2 #1 (Debian))id 18xcOP-0000dD-00; Mon, 24 Mar 2003 16:34:17 -0800 Received: from lhotse.up.edu ([64.251.254.9])by sc8-sf-list1.sourceforge.net with esmtp (Cipher TLSv1:DES-CBC3-SHA:168) (Exim 3.31-VA-mm2 #1 (Debian))id 18xcNa-0000UG-00for <snort-users () lists sourceforge net>; Mon, 24 Mar 2003 16:33:27 -0800 Received: from P09809 (64-251-250-241.up.edu [64.251.250.241])by lhotse.up.edu (8.12.8/8.12.8) with ESMTP id h2P0Xen3021614for <snort-users () lists sourceforge net>; Mon, 24 Mar 2003 16:33:40 -0800X-Message-Info: wCrlMA1YA+jz0bnTWff2CC2u6sdadwmq Message-ID: <003401c2f266$2083f4e0$f1fafb40 () campus up edu> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: snort-users-admin () lists sourceforge net Errors-To: snort-users-admin () lists sourceforge net X-BeenThere: snort-users () lists sourceforge net X-Mailman-Version: 2.0.9-sf.net Precedence: bulk List-Help: <mailto:snort-users-request () lists sourceforge net?subject=help> List-Post: <mailto:snort-users () lists sourceforge net>List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=subscribe> List-Id: Snort users talk about... Snort! <snort-users.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=snort-users>X-Original-Date: Mon, 24 Mar 2003 16:33:16 -0800 Return-Path: snort-users-admin () lists sourceforge netX-OriginalArrivalTime: 25 Mar 2003 00:35:59.0109 (UTC) FILETIME=[81626350:01C2F266]-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello again!I'm using ACID 9.6b23 and all is working just fine, with the exception of the "Portscan Traffic" portion of the "Traffic Profile by Protocol" on the home page. It just reads 0%. When I click on the 0% it shows me all of the portscan2 traffic just fine. I have the path in the acid_conf.php pointing to the name-of-the.log file and the permissions seem right for the file, but no dice.Any suggestions? Many thanks in advance. -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPn+jzMNinOuDXR1bEQKOkQCcDqHJb+SoEbGscOwIyNOnxnojKzYAnRIK NNc7fZccN6Sskt983RtPbJxu =vsuE -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________________Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
------------------------------------------------------- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID not reporting Portscan Traffic...sort of... Tobias Rice (Mar 24)
- <Possible follow-ups>
- Re: ACID not reporting Portscan Traffic...sort of... mike Hughes (Mar 26)
- RE: ACID not reporting Portscan Traffic...sort of... Tobias Rice (Mar 27)