Snort mailing list archives
sfPortScan - Snort 2.8.5.1
From: Tim Clarkson <timothyclarkson () hotmail com>
Date: Tue, 22 Dec 2009 00:05:17 +1300
Hi there everyone, I have snort up and running thanks to everything I have read here. I now have a problem with the sfPortScan part of the configuration. sfPortscan is creating a log file and detecting the portscan activity (some times), I am using nmap from another machine to generate the scan activity. The main issue I have is it does not generate an alert but only writes to the log file. If someone could point me in the right direction it would be appreciated. Regards Tim Clarkson P.S. is sfPortScan a bit flaky on the detection, even set to high it is not getting all the activity. _________________________________________________________________ View photos of singles in your area. Click here http://clk.atdmt.com/NMN/go/163036679/direct/01/
------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- sfPortScan - Snort 2.8.5.1 Tim Clarkson (Dec 21)