Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: ACID not recording attacks

From: "Hicks, John" <JHicks () JUSTICE GC CA>
Date: Fri, 15 Nov 2002 16:16:46 -0500
Try changing the DB output setup from:
        output database: log, mysql, <other options>
to:
        output database: alert, mysql, <other options>

hth,
John

-----Original Message-----
From: Al Cooper [mailto:alc () 2wh com]
Sent: Thursday, November 14, 2002 3:25 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] ACID not recording attacks


I am new to Snort.

I have built a database box and one sensor as per the Steven Scott's how-to
using "Snort, MySql, SnortCenter and ACID on Redhat 7.3".

Everything on the SnortCenter side looks good (no errors that I can find).
I have lunched several nmap scans against my IP and ACID/Snort is not
recording any attacks. The nmap traffic is getting to my box.  I can see the
by using TCPDump.

What would cause attack not to be recorded yet no errors are being reported
to SnortCenter?

Thanks for your help,

Al Cooper
Senior Network Engineer
Technology Lynx



-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: