[Snort-users] Help with a config file please?

snort at ...8664... snort at ...8664...
Fri Apr 4 15:32:05 EST 2003


I have them both enabled but here is a copy|paste of the details from ACID.

ID # Time Triggered Signature
2 - 18 2003-04-04 16:47:32 [snort] spp_portscan: End of portscan from
111.222.333.444: TOTAL time(81s) hosts(1) TCP(357) UDP(0)

so from reading that I assume that the one that picked it up was portscan.


> Are you using portscan or portscan2 to pickup the scans?

More information about the Snort-users mailing list