Nmap Detection via Suricata

watsoninfosec · April 30, 2022, 7:44pm

Hello everyone,

Just wanted to know is there any way that suricata can detect nmap scans for internal traffic?
I wanted to detect when an attacker is doing Recon on my Network from the inside, I tried simple rules as well rules from ET to detect scans going outbond but not for Internal.

syoc · May 2, 2022, 7:49am

Have a look at Suricata-IDS and Nmap and Outbound: Port Scanning & Brute Force detection - #3 by FlorinMarian

Topic		Replies	Views
NMAP detection rules for Suricata in GitHub Rules ips , suricata , opnsense	6	944	May 26, 2024
Suricata doesn't detect nmap scan suricata	1	644	December 12, 2023
Suricata-IDS and Nmap Rules community	8	10720	August 20, 2020
Outbound: Port Scanning & Brute Force detection Help	5	4452	March 22, 2022
Create rules on pfsense Rules ips , pfsense , suricata	2	915	September 2, 2022

Nmap Detection via Suricata

Related topics