[Snort-users] New to snort...what do these mean???

Vitaly McLain twistah at ...93...
Wed Oct 11 19:08:17 EDT 2000


Hi,

"Not true. When I scan for say vulnerable nameservers I ONLY connect to port
53, and no other ports."

True, but that doesn't qualify as a "portscan", IMO. But I see your point in
the fact that a single suspicious packet may infact be cause for alarm.

Vitaly McLain
twistah at ...93...





More information about the Snort-users mailing list