Snort mailing list archives
RE: snort rule to detect nmap portscan with -P0 opt ion
From: "Schott, Erik J Mr ANOSC/FCBS" <erik.schott-FCBS () NETCOM ARMY MIL>
Date: Tue, 11 Jan 2005 14:20:29 -0700
The mail server has the hiccups again. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of linux Sent: Sunday, January 09, 2005 10:11 PM To: Snort-users () lists sourceforge net Subject: [Snort-users] snort rule to detect nmap portscan with -P0 option dear all, I'm using snort and snortsam in my organization to keep watch on all network activity. To block suspicious activity i have configure snortsam along with snort.. everythign is working fine .. But i noticed that port scan attack plcaed with -P0 option are not getting detected . Pl help me out to detect that also . With regards linux admin ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: snort rule to detect nmap portscan with -P0 opt ion Schott, Erik J Mr ANOSC/FCBS (Jan 11)