[Intrusions] [LOGS] Summary of large-scale portscanning detects
Jason "JC" Monroe
monroe at peoplego.com
Thu Sep 16 06:13:02 GMT 2004
On Tue, 2004-09-14 at 06:45, Ken.Connelly at uni.edu wrote:
> The following extracts show the beginning and ending of scan activity
> was detected on my network. The number following each set is the total
> number of probes for that source. Timestamps are GMT-0500.
Since you are so kind as to send these reports every day would you
consider taking another step and potentially identify the remote
operating system making use of passive analysis (p0f, etc...) and
providing that info in another column of your report?
Thanks in advance,
JC
More information about the Intrusions
mailing list