Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: portscan2 - display which ports scanned in acid

From: "Kreimendahl, Chad J" <Chad.Kreimendahl () umb com>
Date: Fri, 19 Mar 2004 11:09:05 -0600
 
Along these same lines it would be very neat if pktkludge option in
flow-portscan would list out all the src > dst info in the packet space.

________________________________

From: Andy Simpson [mailto:Andy.Simpson () datgroup com] 
Sent: Friday, March 19, 2004 9:48 AM
To: Marcin Laskowski; snort-users () lists sourceforge net
Subject: RE: [Snort-users] portscan2 - display which ports scanned in
acid


Thanks Maxim, i'll give it a go.
 
 
_______________________________________

Andy Simpson

Senior Consultant

DAT Group

DDI:    +44 1580 831 642

Mobile: +44 7977 256 342

Email:   andy.simpson () datgroup com


________________________________

        From: Marcin Laskowski [mailto:cineklas () wp pl] 
        Sent: 19 March 2004 15:40
        To: Andy Simpson; snort-users () lists sourceforge net
        Subject: Re: [Snort-users] portscan2 - display which ports
scanned in acid
        
        
        http://acidlab.sourceforge.net/acid_faq.html#faq_b7
         
         
        -------------------------------------
        Greetings, Maxim
         
         
         

                ----- Original Message ----- 
                From: Andy Simpson <mailto:Andy.Simpson () datgroup com>  
                To: snort-users () lists sourceforge net 
                Sent: Tuesday, March 16, 2004 4:03 PM
                Subject: [Snort-users] portscan2 - display which ports
scanned in acid

                Hi,
                 
                Sorry if this question has alredy been posted...
                 
                Is there any way of getting Acid to show which ports
were scanned in an alert as per the spp_portscan2 output?
                 
                The entries work fine and display but I would like to be
able to include which hosts & ports were scanned.
                 
                 
                Any ideas?
                 
                 
                
                Cheers, Andy Simpson
                 
                _______________________________________

                Andy Simpson

                Senior Consultant

                DAT Group

                DDI:    +44 1580 831 642

                Mobile: +44 7977 256 342

                Email:   andy.simpson () datgroup com

                


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: