i am using nmap for scanning NULL and XMAS

here is the log

XMAS log:

 src: 10.x.x.17 signature match: "SCAN nmap XMAS" (sid: 1228) tcp port: 765
Oct 28 21:03:38 firewall
psad: scan detected: 10.x.x.17 -> 10.x.x.22 tcp: [1-65389] flags: URG PSH
FIN tcp pkts: 2000 DL: 5

Null Scan log:
psad: scan detected: 10.x.x.17 -> 10.x.x.22 tcp: [1-65389] flags: NULL tcp
pkts: 1990 DL: 5

why Null scan didn't showed the signature against which this alert


October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
psad-discuss mailing list

Reply via email to