Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: No Alerts

From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 26 Aug 2003 14:56:12 -0400
At 07:08 PM 8/25/2003 -0700, russ () 411russ com wrote:

Hi,
I've configured SNORT with ACID and everything seems ok. But when I run port scans the scans report all the correct information but ACID never shows any alerts.
Are you using one of the portscan preprocessors in a way which would cause your scan to trigger an alert?
Have you verified using tcpdump that the snort sensor is even seeing the traffic in the first place? 


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: