The most recent content from our members.
We had the Port Scans alert in SEM setup with the OotB rules ( i know dont beat me up) and we did not really get any false alerts until recently and now it is hitting this alert fairly frequently. i am wondering if you have a best practice on what is a good way to monitor and alert to unwanted port scans on the network. we…
Hi all, I have a question based on LEM portscan conditions. See attached snapshot for guidance. I want to create a portscan rule which will ignore posrtscan activities originating from public IP's, but the destination should be on my internal network. I want to detect external public IP's performing portscan activities in…
It looks like you're new here. Sign in or register to get started.