[Snort-users] Separating real portscans from false-positives
This is a discussion on [Snort-users] Separating real portscans from false-positives within the Snort forums, part of the System Security and Security Related category; Hello, Anyone can recommend a guide or can give me some hints about separating real portscans from false-positives? I ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-14-2006
|
|||
|
|||
[Snort-users] Separating real portscans from false-positives
Hello,
Anyone can recommend a guide or can give me some hints about separating real portscans from false-positives? I get 1000s of portscan alerts, decoy portscan alerts and distributed portscan alerts every day making it impossible to see whats real or not. Cheers, Timo ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
