Snort mailing list archives

Re: Portscan.log utility

From: Erek Adams <erek () theadamsfamily net>
Date: Wed, 1 May 2002 11:25:31 -0700 (PDT)

On Wed, 1 May 2002, Steve Rudolph wrote:

Does anyone have a portscan.log utility so I can see what Ips are scanning
and which ports they are scanning?


Other than 'tail -f portscan.log'?  ;-)  Not that I know of...

You could dump them into ACID, but there's no packet info.

One thing that's useful in that case is the 'root-tail' program.  Have it do
the tail -f in your X window root.

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidth () sourceforge net
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Portscan.log utility Steve Rudolph (May 01)
- Re: Portscan.log utility Erek Adams (May 01)
- <Possible follow-ups>
- RE: Portscan.log utility Dell, Jeffrey (May 01)
- RE: Portscan.log utility Ryan Hill (May 01)