I am trying to get rid of the errors of: "(portscan) Open Port" in my Snort logs. They are filling it up quite fast. I have put a line in the threshold.conf file and enabled that file in the snort.conf file but that has done nothing so far.
Setup is Centos/MySQL/Snort/BASE. Any advice would be much appreciated. Thanks! ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
