sfPortScan - Snort 2.8.5.1

[Tim Clarkson <timothyclarkson () hotmail com>]

Hi there everyone,
 
I have snort up and running thanks to everything I have read here.  I now have a problem with the sfPortScan part of 
the configuration.
 
 
sfPortscan is creating a log file and detecting the portscan activity (some times), I am using nmap from another 
machine to generate the scan activity. The main issue I have is it does not generate an alert but only writes to the 
log file.

 

If someone could point me in the right direction it would be appreciated.
 
Regards
Tim Clarkson

P.S. is sfPortScan a bit flaky on the detection, even set to high it is not getting all the activity. 


 

                                          
_________________________________________________________________
View photos of singles in your area. Click here 
http://clk.atdmt.com/NMN/go/163036679/direct/01/

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users