Setup Information
I am doing experiment on portscan detection using snort 2.9.8.I have 10 systems in my lab with id:1,2,3,...,10. i have installed snort in my lab-pc with id:1.Now i am using Pc with id:2 to scan the PC's in lab using nmap.
Doubt
When i scan the machine on which snort is installed(id:1),i get the portscan alerts,however when i scan other systems(ex: system with id:3),snort doesnot generate any alerts.
So,why is snort unable to generate portscan Alerts in this scenario?.
(I was assuming that snort monitors packets in HOME_NETWORK in promiscous mode,Kindly correct me if i am wrong.)