On Tue, Jun 13, 2006 at 01:07:46AM -0600, Bob Beck wrote:
> > Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
> > reporting of the portscan, I wouldn't have even bothered looking in my logs
> > tonite, and probably would never have been aware of the thwarted attempt.
> >
>
> Good thing they're only portscanning and mailbombing you then,
> and not exploiting one of the bazillions of snort overflows ;)
If it was set up properly, exploiting Snort wouldn't gain anyone
anything more serious than the ability to mess up Snort logs. Granted,
that can be useful...
Joachim
