Snort mailing list archives

Re: Portscan Traffic?

From: Daniél Haslinger <daniel.haslinger () rotheneder com>
Date: Tue, 12 Aug 2003 08:00:01 +0200

Do you mean you just want to have portscans logged or 
you want to know how much traffic the portscans produced?

For the first case just enable the integrated Portscan PreProcessor
(there are 2 types, PortScan and PortScan2)

it logs portscans on your triggers to your desired file.

hope that helps !


     Daniél Haslinger
      Security & Engineering 

--------------------------------------------------------------------------------

      :: Rotheneder GmbH Schillerplatz 1 - A 3100 St.Pölten 
      :: eMail daniel.haslinger () rotheneder com 
      :: website http://www.rotheneder.com

Current thread:

Portscan Traffic? Peters, Michael D. (Aug 11)
- Re: Portscan Traffic? Daniél Haslinger (Aug 11)