Snort mailing list archives
Re: Snort Log only shows http_inspects
From: G Ramon Gomez <gene () gomezbrothers com>
Date: Mon, 26 Dec 2005 09:22:05 -0800
How is your network set up? Is snort in a place where it can actually see all traffic?
What flags are you starting snort with? How are the preprocessors configured? - Ramon Palula Brasil wrote:
I'm running snort as a service. It starts automatically when my Linuxbox (Fedora Core 3) starts. But I think something is wrong because it isn'r logging any portsweping or portscans on the log folder. It only logs (http_inspect) wich I think happens when we browse sites with evil content... I made some portsweeping yesterday from a computer outside my network (at work) and Snort didn't report anything...
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Log only shows http_inspects Palula Brasil (Dec 24)
- Re: Snort Log only shows http_inspects G Ramon Gomez (Dec 26)