[Intrusions] [LOGS] Summary of large-scale portscanning detects
Ken Connelly
Ken.Connelly at uni.edu
Thu Mar 17 12:18:57 GMT 2005
Mark Stingley wrote:
> Ken.Connelly at uni.edu wrote:
>
>> This will be the last of these postings for some unknown interval.
>> As of
>> today, I am moving on to a newer version of my IDS that logs scans
>> differently. Dilbert says, "Change is good. You go first." Well, it
>> seems like it's my turn to go... When I figure out how to easily
>> automate
>> a similar report from the new format, these may return. Until then,
>> it's
>> been nice... - ken
>
>
> If you send me a some output, I'd be more than
> happy to help out.
>
In a nutshell, I'm now looking at the output of sfportscan in snort
2.3.1, which logs summaries instead of detail lines.
--
- Ken
=================================================================
Ken Connelly Systems and Operations Manager, ITS Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu
phone: (319) 273-5850 fax: (319) 273-7373
It's much more important to know what you don't know than what you do know!
More information about the Intrusions
mailing list