Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Portscan Rule

From: "tantioification . via Snort-users" <snort-users () lists snort org>
Date: Wed, 12 Jul 2017 12:20:31 +0700
When i try to test portscan using nmap, there is no alert.
then i search in snort.rules, i find port scan rule is disabled. The SID
630 is port scan rule, right?
Could i enable it in snort.rules or i have to add that rule to local.rules?
i have tried before to add that rule to local.rules but still no alert.

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: