[Snort-users] snort rule to detect nmap portscan with -P0 opt ion

Schott, Erik J Mr ANOSC/FCBS erik.schott-FCBS at ...12562...
Tue Jan 11 13:22:07 EST 2005


The mail server has the hiccups again.

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of linux
Sent: Sunday, January 09, 2005 10:11 PM
To: Snort-users at lists.sourceforge.net
Subject: [Snort-users] snort rule to detect nmap portscan with -P0
option


dear all,

I'm using snort and snortsam in my organization to keep watch on all 
network activity.
To block suspicious activity i have configure snortsam along with snort..
everythign is working fine ..

But i noticed that port scan attack plcaed with -P0 option are not 
getting detected .

Pl help me out to detect that also .

With regards
linux admin


-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list