Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Portscans, alerts, and Database question

From: Kevin Peuhkurinen <kevinp () routergod com>
Date: Fri, 13 Sep 2002 10:37:18 -0400
Hi all.  I'm setting up a Snort install with one sensor in front of my
firewall and a second behind it.   The internal sensor machine also
hosts a mySQL database which both sensors log events to.

I *don't* want portscans logged to the database (I'll use SnortSnarf to
report on the portscans directly from the portscans.log file).   I
understand that if I change the database output plugin type to "log"
from "alert", the portscans won't get sent to the database.  But will
making this change affect anything else?

Thanks!
Kevin





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: