A Snort sensor is generating many false-positive sfPortscan alerts, in which busy, trusted hosts are flagged as the source of port sweep events. Which tuning strategy can mitigate this problem?
Limited Time Offer
25%
Off
Currently there are no comments in this discussion, be the first to comment!
Currently there are no comments in this discussion, be the first to comment!