Snort mailing list archives
RE: PortScan Configuration in snort.conf
From: Ruiyuan Jiang <Ruiyuan_Jiang () liz com>
Date: Wed, 19 May 2004 13:25:15 -0400
Thanks, Michael It works. Ryan Jiang -----Original Message----- From: Michael Steele [mailto:michaels () winsnort com] Sent: Wednesday, May 19, 2004 10:49 AM To: snort-users () lists sourceforge net Subject: RE: [Snort-users] PortScan Configuration in snort.conf It's still supported. Just copy your old "preprocessor portscan" line from your old snort.conf to your new snort.conf and restart snort. Kindest regards, Michael... WINSNORT.com Management Team Member -- Pick up your FREE Windows or UNIX Snort installation guides mailto:support () winsnort com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org ________________________________________ From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Ruiyuan Jiang Sent: Wednesday, May 19, 2004 5:22 AM To: snort-users () lists sourceforge net Subject: [Snort-users] PortScan Configuration in snort.conf Hi, all I upgraded my snort from 2.0.5 to 2.1.2 (mysql, php, apache, ACID). After upgrade, I don't see port scan traffic anymore in "Traffic Profile by Protocol". I looked at the snort.conf from 2.1.2 distribution and there is no more portscan.log item anymore. I enabled flow-portscan in snort.conf but there is definition for the log location. I don't see portscan traffic. Am I doing something wrong? Thanks. Ryan Jiang ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id%62&alloc_ida84&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- PortScan Configuration in snort.conf Ruiyuan Jiang (May 19)
- RE: PortScan Configuration in snort.conf Michael Steele (May 19)
- <Possible follow-ups>
- RE: PortScan Configuration in snort.conf Ruiyuan Jiang (May 19)