- Linux (15)
- Software (8)
- General (1)
- Hardware
- Kernel (2)
- Networking (2)
- Security (2)
- Xen
- FreeBSD (1)
- General
- Hardware
- Kernel
- Networking
- Security
- Software (1)
- Appliance Software (3)
- Asterisk
- Cpanel (3)
- Ensim
- Plesk
- Webmin
- Programming (1)
- BASH
- PERL (1)
- PHP
- Python
- Security Annoncement
Networking
help me
in
can anybody suggest me to get details for doing online certification in networking or linux based topics.if possible please give your mobile no also,if you dont mind?
Snortsam and Portscanning Detection
Posted November 13th, 2005 by SuthaThis Post Originally From Snort-users by Frank
Q
: How can i use the snort portscan2 preprocessor with snortsam?
A
:it doesn't matter what version of Snort you are using, 1.9.x, 2.0.x, or 2.1.x. Alerts from the portscan preprocessor (or any other preprocessor such as ARP spoof) are not recognized by Snortsam. It only reacts to alerts generated by packets detected with rules.
That said, port scans can be detected. However, you will have to create your own rules for that. There are two ways (and a combined way) of doing this.
a) Create rules that fire when you can packets going to unused IP
