|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Snort-users] Snort Log only shows http_inspects
From: G Ramon Gomez (gene
gomezbrothers.com)
Date: Mon Dec 26 2005 - 11:22:05 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
How is your network set up? Is snort in a place where it can actually
see all traffic?
What flags are you starting snort with?
How are the preprocessors configured?
- Ramon
Palula Brasil wrote:
>I'm running snort as a service. It starts automatically when my Linuxbox
>(Fedora Core 3) starts. But I think something is wrong because it isn'r
>logging any portsweping or portscans on the log folder. It only logs
>(http_inspect) wich I think happens when we browse sites with evil
>content...
>
>I made some portsweeping yesterday from a computer outside my network (at
>work) and Snort didn't report anything...
>
>
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]