|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] ACID / SnortSnarf
From: Fred McFeeters (nfolink
hotmail.com)
Date: Sun Jan 25 2004 - 00:57:03 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello
I currently have working 2 snort sensors one on my firewall and one inside
the firewall with a MySql and web server with acid on another pc. Now I have
seen snortsnarf and thought it was pretty lame but it did do one thing I
can't figure out how to do in acid. When it detected a port scan snortsnarf
allows me to see every port that they tried to connect to I get a list of
there scan so I can get some kind of idea what they where looking for. Any
one knows how to do this with acid when my sensors are located on sepearte
machines so I don't have access to the portscan.log file.
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]