[Snort-devel] About distributed portscans

Mamata Desai mamata at ...894...
Wed Oct 17 03:35:14 EDT 2001


Hello all,

I am a graduate student and as part of my final project, was thinking of
implementing a distributed portscan detector. I believe snort portscan
detector detects one->one and one->many portscans, and there is work
going on to build the many->one and the many->many modules. 

I would like to work on something like that. Could anybody provide me
with some guidance/suggestions as to how I should proceed ? I wud like
to know what are the 'to do's in this area, so that I can focus my work
efforts and help contribute in some way.

-- 
Mamata Desai
Final year, M.Tech, CSE Department, IIT Bombay
http://www.cse.iitb.ac.in/~mamata




More information about the Snort-devel mailing list