[Snort-users] Turning off portscans
agent33 at ...187...
Mon Apr 30 15:46:18 EDT 2001
That should get the portscans off, unless they are "stealth" scans. This
type of scan triggers a regular plain old snort rule. To eliminate these,
comment the rule.
As far as the crash goes, any error messages?
> -----Original Message-----
> From: Siddhartha Jain [mailto:s_i_d_j at ...131...]
> Sent: Monday, April 30, 2001 12:44 PM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Turning off portscans
> How do i turnoff listening for portscans? I commented out
> these two lines
> from the conf file and snort crashed. Snort 1.7 on Solaris 2.6/Sparc.
> preprocessor portscan: $INTERNAL 4 3 portscan.log
> preprocessor portscan-ignorehosts: $DNS_SERVERS
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users