wkitty42 at ...14940...
Fri Oct 8 13:33:05 EDT 2010
the following are hypothetical questions but ones that i run into all the time
and have yet to find any explanation or answers for...
1. what is PSNG?
2. should i really be concerned about this type or port sweep? why?
3. should i be concerned about it if it is originating on my network? why?
4. why would the alert be showing that it is related to one address but tcpdump
shows it is related to another but the last octet number is different?
ie: 188.8.131.52 shown in alert but 184.108.40.206 is in the tcpdump capture
More information about the Snort-users