Snort mailing list archives

Re: Snort Log only shows http_inspects

From: G Ramon Gomez <gene () gomezbrothers com>
Date: Mon, 26 Dec 2005 09:22:05 -0800

How is your network set up? Is snort in a place where it can actuallysee all traffic?

What flags are you starting snort with?
How are the preprocessors configured?

- Ramon

Palula Brasil wrote:

I'm running snort as a service. It starts automatically when my Linuxbox
(Fedora Core 3) starts. But I think something is wrong because it isn'r
logging any portsweping or portscans on the log folder. It only logs
(http_inspect) wich I think happens when we browse sites with evil
content...

I made some portsweeping yesterday from a computer outside my network (at
work) and Snort didn't report anything...



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort Log only shows http_inspects Palula Brasil (Dec 24)
- Re: Snort Log only shows http_inspects G Ramon Gomez (Dec 26)