Snort mailing list archives
RE: Help with a config file please?
From: snort () xiata com
Date: Fri, 4 Apr 2003 18:31:26 -0500 (EST)
Geoff, I have them both enabled but here is a copy|paste of the details from ACID. ID # Time Triggered Signature 2 - 18 2003-04-04 16:47:32 [snort] spp_portscan: End of portscan from 111.222.333.444: TOTAL time(81s) hosts(1) TCP(357) UDP(0) so from reading that I assume that the one that picked it up was portscan. Carlos
Are you using portscan or portscan2 to pickup the scans?
------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Help with a config file please? snort (Apr 03)
- <Possible follow-ups>
- RE: Help with a config file please? L. Christopher Luther (Apr 04)
- RE: Help with a config file please? snort (Apr 04)
- RE: Help with a config file please? L. Christopher Luther (Apr 04)
- RE: Help with a config file please? snort (Apr 04)
- RE: Help with a config file please? L. Christopher Luther (Apr 04)
- RE: Help with a config file please? snort (Apr 04)
- RE: Help with a config file please? snort (Apr 04)
- RE: Help with a config file please? snort (Apr 04)
- RE: Help with a config file please? L. Christopher Luther (Apr 04)
- RE: Help with a config file please? snort (Apr 08)