Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort not logging port scans

From: "Abe Froman" <abe__froman () hotmail com>
Date: Sun, 28 Dec 2003 22:49:22 -0600
I ran(from another machine on a different network)
nmap -sS 45.9.3.115
nmap  45.9.3.115
nmap -O 45.9.3.115

But the port scan log is empty
# ll /var/log/portscan.log
-rw-r--r-- 1 root root 0 Dec 28 22:22 /var/log/portscan.log 

even through i added
preprocessor portscan: 45.9.3.0/24 5 7 /var/log/portscan.log

# preprocessor flow: stats_interval 0 hash 2
preprocessor portscan: 45.9.3.0/24 5 7 /var/log/portscan.log
# frag2: IP defragmentation support

and started snort by running
./snort -de -l ./log

Got any tips?

_________________________________________________________________
Get reliable dial-up Internet access now with our limited-time introductory offer. http://join.msn.com/?page=dept/dialup 



-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: