![snort logo](/images/snort-logo.png)
Snort mailing list archives
What could be the reason....HELP
From: "Ronneil Camara" <ronneilc () remingtonltd com>
Date: Thu, 22 Nov 2001 13:34:05 -0600
What could be the reason why attacks are not recorded on my database. I tried demarc but I usually run snort manually. I can see the attack if I will remove logging of snort to mysql in snort.conf and logs will be stored in /var/log/snort. The only traffic that are recorded now are portscan, icmp. And am on a hub. I used snort on a non-ip interface. Can you check the debug and my snort.conf if I have missed anything please. http://24.253.67.105/snort/debug.txt http://24.253.67.105/snort/snort.conf And what would be the appropriate approach to disable false positive? Thanks. Neil
Current thread:
- What could be the reason....HELP Ronneil Camara (Nov 22)