On Tue, Jun 13, 2006 at 01:07:46AM -0600, Bob Beck wrote: > > Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort > > reporting of the portscan, I wouldn't have even bothered looking in my logs > > tonite, and probably would never have been aware of the thwarted attempt. > > > > Good thing they're only portscanning and mailbombing you then, > and not exploiting one of the bazillions of snort overflows ;)
If it was set up properly, exploiting Snort wouldn't gain anyone anything more serious than the ability to mess up Snort logs. Granted, that can be useful... Joachim