[Oisf-users] How suricata detects portscans??
carlopmart
carlopmart at gmail.com
Wed Apr 13 07:36:44 UTC 2011
On 04/12/2011 11:49 PM, Robert Vineyard wrote:
> IMHO portscan / DOS detection is much easier and more efficient using
> netflow tools if you're interested in such things - when doing DPI it always
> seemed like a waste of cycles that could be better used to look for more
> interesting signatures.
>
> Just my 2c.
>
> --
Thanks Robert. Some recommendation about netwflow tool to use??
--
CL Martinez
carlopmart {at} gmail {d0t} com
More information about the Oisf-users
mailing list