Snort mailing list archives
portscans and ACID
From: "Mike Macias" <mike.macias () caci-nsg com>
Date: Tue, 19 Mar 2002 15:58:12 -0500
I've been looking through the snort users archive and found plenty of documentation on how to get ACID to see portscans. I've finally got things working, however I'm a little concerned about my solution. In snort.conf I have 2 output plugins specified: output database: log, mysql, user=snort password=abcdef dbname=snort_db host=localhost output database: alert, mysql, user=snort password=abcdef dbname=snort_db host=localhost (so that ACID can see portscans) Will having 2 outputs specified adversely affect any data in the MySQL db?
Current thread:
- portscans and acid Basil Saragoza (Mar 13)
- <Possible follow-ups>
- RE: portscans and acid Chris Eidem (Mar 13)
- Re: portscans and acid Roman Danyliw (Mar 13)
- Re: portscans and acid Basil Saragoza (Mar 14)
- portscans and ACID Mike Macias (Mar 19)
- Re: portscans and ACID Omar McKenzie (Mar 21)