The Port scan on the first page in ACID is looking for a file with port
scanning activity. You have to setup Snort to log the port scanning activity
with the Portscan Detector
http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.4.2
Shirkdog
From: "RD R" <careergeek@hotmail.com>
To: snort-users@lists.sourceforge.net
Subject: [Snort-users] Port scan not being logged? at 0 %?
Date: Tue, 28 Sep 2004 19:52:31 -0400
_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
--- Begin Message ---
|
Subject: |
[Snort-users] Port scan not being logged? at 0 %? |
|
Date: |
Tue, 28 Sep 2004 19:52:31 -0400 |
I am running snort on XP with PHP 4, MySQL and Acid. Everything is running well except the port scan is still at 0%?? What does this mean? How can I test this to see if it is functioning correctly? Thanks!
On the road to retirement? Check out MSN Life Events for advice on how to get there!
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
--- End Message ---
