IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Snort rules setup.

From: phunked up! <phunkodelic () gmail com>
Date: Wed, 30 Nov 2005 14:13:43 -0500
I am trying to get rid of the errors of: "(portscan) Open Port" in my
Snort logs.  They are filling it up quite fast.  I have put a line in
the threshold.conf file and enabled that file in the snort.conf file
but that has done nothing so far.

Setup is Centos/MySQL/Snort/BASE.  Any advice would be much appreciated.

Thanks!

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: