Snort mailing list archives
Re: Snort 2.3 RC1, what right to scan.log?
From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 30 Nov 2004 11:59:40 -0500
At 10:57 AM 11/30/2004, Bill Warren wrote:
In Snort 2.3 RC1, what tells Snort to write to scan.log? Can you change the name and location of the file?Thanks, Bill
I suspect that is the portscan2 preprocessor. scan.log is it's default filename.
I'd disable portscan2 if your snort.conf still calls it. It's not really very useful IMO, and isn't even mentioned in 2.3's snort.conf anymore.
It could also be sfportscan. Looking at it's code however, it's hard to see how it works if you don't specify a logfile option.
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users.Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort 2.3 RC1, what right to scan.log? Bill Warren (Nov 30)
- Re: Snort 2.3 RC1, what right to scan.log? Matt Kettler (Nov 30)
- Re: Snort 2.3 RC1, what right to scan.log? Jeremy Hewlett (Dec 01)
- Re: Snort 2.3 RC1, what right to scan.log? Matt Kettler (Nov 30)