Snort mailing list archives
Re: Minimal configuration port scanning
From: "Kevin Reiter" <KReiter () insidefsi net>
Date: Fri, 30 Mar 2007 17:33:06 -0400
-----Original Message----- From: snort-users-bounces () lists sourceforge net [mailto:snort-users-bounces () lists sourceforge net]On Behalf Of Josep Pujadas i Jubany Sent: Friday, March 30, 2007 5:17 PM To: SNORT Subject: Re: [Snort-users] Minimal configuration port scanning On Fri, 30 Mar 2007 13:04:11 -0400, Joel Esler wrote
There is extensive documentation on the sfportscan preprocessor in the
docs/ directory that came with your Snort software.
Look for README.sfportscan +---------------------------------------------------------------------+
Joel,
I read it before ...
Is there any form to test if sfportscan is working?
It seems like not working for my snort.
Thanks,
Josep Pujadas
Portscan your snort sensor and check out the results. I use a quick nmap scan to test this: # nmap -v -v -sS -P0 -p1-65535 {snort IP} Also make sure you specify the logfile to use to log the portscans, and make sure Snort is able to read/write to the logfile. HTH Kevin Kevin Reiter Senior Security Engineer Financial Services, Inc. 21 Harristown Road Glen Rock, New Jersey 07452 (201)652-6000, ext. 588 PGP ID: 0xEE665233 This message may contain confidential or proprietary information and is intended solely for the individual(s) to whom it is addressed. If you are not a named addressee you should not disseminate, distribute or copy this e-mail or act upon the information contained herein. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Minimal configuration port scanning Josep Pujadas i Jubany (Mar 30)
- Re: Minimal configuration port scanning Joel Esler (Mar 30)
- Re: Minimal configuration port scanning Josep Pujadas i Jubany (Mar 30)
- Re: Minimal configuration port scanning Kevin Reiter (Mar 30)
- Re: Minimal configuration port scanning Josep Pujadas i Jubany (Mar 30)
- Re: Minimal configuration port scanning Joel Esler (Mar 30)