Snort mailing list archives
RE: ACID Portscan Traffic (0%)
From: "Chris Eidem" <ceidem () Dexma com>
Date: Wed, 11 Dec 2002 15:58:41 -0600
don't forget to chmod it so that your webserver can read it. usually, apache runs as nobody/nobody or web/web or something and the file's permission is something like 600 (rw-------). - chris
-----Original Message----- From: Luo, Philip [mailto:Philip_Luo () adp com] Sent: Wednesday, December 11, 2002 2:23 PM To: Snort Users (E-mail) Subject: RE: [Snort-users] ACID Portscan Traffic (0%) I am having the same problem. I did check the acid_conf.php file, it looks ok, and my scan.log is getting bigger, which ACID can not show. -----Original Message----- From: Hicks, John [mailto:JHicks () JUSTICE GC CA] Sent: Wednesday, December 11, 2002 11:13 AM To: 'Gary Borgeson'; Snort Users (E-mail) Subject: RE: [Snort-users] ACID Portscan Traffic (0%) From the config doc (http://www.andrew.cmu.edu/~rdanyliw/snort/acid_config.html) [OPTIONAL for Snort portscan pre-processor support] $portscan_file : full path to a Snort portscan log file set this in acid.conf. hth, John Hicks hth, John Hicks -----Original Message----- From: Gary Borgeson [mailto:gborgeson () aecc com] Sent: Wednesday, December 11, 2002 10:22 AM To: 'snort-users () lists sourceforge net' Subject: [Snort-users] ACID Portscan Traffic (0%) On the ACID main page we have Traffic Profile by Protocol including Portscan Traffic. This % has stayed at 0 since day one. Even when I launch my own scan it stays at 0%. There is plenty of stuff in portscan.log. How should I interpret this? Thanks, G ------------------------------------------------------- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID Portscan Traffic (0%) Gary Borgeson (Dec 11)
- <Possible follow-ups>
- RE: ACID Portscan Traffic (0%) Slighter, Tim (Dec 11)
- RE: ACID Portscan Traffic (0%) Hicks, John (Dec 11)
- RE: ACID Portscan Traffic (0%) Luo, Philip (Dec 11)
- RE: ACID Portscan Traffic (0%) Robby Desmond (Dec 17)
- RE: ACID Portscan Traffic (0%) Pacheco, Michael F. (Dec 11)
- RE: ACID Portscan Traffic (0%) Chris Eidem (Dec 11)
- RE: ACID Portscan Traffic (0%) Slighter, Tim (Dec 12)
- RE: ACID Portscan Traffic (0%) Morgan, Joel (Macon State College) (Dec 17)
- RES: ACID Portscan Traffic (0%) Coelho (Dec 17)