Nmap Detection via Suricata

Hello everyone,

Just wanted to know is there any way that suricata can detect nmap scans for internal traffic?
I wanted to detect when an attacker is doing Recon on my Network from the inside, I tried simple rules as well rules from ET to detect scans going outbond but not for Internal.

Have a look at Suricata-IDS and Nmap and Outbound: Port Scanning & Brute Force detection - #3 by FlorinMarian

1 Like