I am currently messing around with Snort also... I tried a program called Port Sentry (detects and actively defends against portscans). The problem I had with port sentry is I am running it on my gateway/firewall. The program works great for any client behind the firewall portscanning the gateway but anyone outside could portscan and it would not detect it. After pulling my hair out for a few hours I found that my firewall was blocking the traffic and port sentry wasn't getting the packets. So now I am playing with snort to see if does the same thing.