[Oisf-users] How suricata detects portscans??

carlopmart carlopmart at gmail.com
Wed Apr 13 07:36:44 UTC 2011

On 04/12/2011 11:49 PM, Robert Vineyard wrote:
> IMHO portscan / DOS detection is much easier and more efficient using
> netflow tools if you're interested in such things - when doing DPI it always
> seemed like a waste of cycles that could be better used to look for more
> interesting signatures.
> Just my 2c.
> --

Thanks Robert. Some recommendation about netwflow tool to use??

CL Martinez
carlopmart {at} gmail {d0t} com

More information about the Oisf-users mailing list