[Snort-devel] About distributed portscans
mamata at ...894...
Wed Oct 17 03:35:14 EDT 2001
I am a graduate student and as part of my final project, was thinking of
implementing a distributed portscan detector. I believe snort portscan
detector detects one->one and one->many portscans, and there is work
going on to build the many->one and the many->many modules.
I would like to work on something like that. Could anybody provide me
with some guidance/suggestions as to how I should proceed ? I wud like
to know what are the 'to do's in this area, so that I can focus my work
efforts and help contribute in some way.
Final year, M.Tech, CSE Department, IIT Bombay
More information about the Snort-devel