Something like Snort will have to detect the port scanning, and ossec will just read the log and report on it.
On Mon, Jan 4, 2010 at 2:50 PM, Dimitri <[email protected]> wrote: > I guys. > > In ossec-wui I can see that exists "category/reconnaissance/generic scan" > search. where I can find information about this type of reconnaissance? , > already I reviewed several times source of ossec and nonencounter the > corresponding function. > One question more… ossec can detect port scaning?. > > Regards. > > Dimitri.- > http://deoxyt2.livejournal.com > http://anabalon.clan.su > OpenBSD - Free, Functional & Secure > > > >
