[Techtalk] SNORT setup

[James]

I have a SNORT sensor watching our /24.  However, it doesn't seem to be
picking up a lot of attacks.  

For example, I only see SOCKS 1080 probes that occur directly to the
SNORT sensor, not any of our servers.  Is there anyway to make the
sensor more sensitive to this?

I seem to remember a long time ago I had it setup and it used to detect
more attacks.  The sensor is working, as I always get to see oodles of
CodeRed/Nimda traffic :rolleyes:.

- James