FAQ: See http://www.ticm.com/kb/faq/idsfaq.html IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html HELP: Having problems.. Then email questions to ids-owner@uow.edu.au NOTE: You MUST remove this line from reply messages as it will be filtered. SPAM: DO NOT send unsolicted mail to this list. USUB: email "unsubscribe ids" to majordomo@uow.edu.au --------------------------------------------------------------------------- I'm currently working with the Checkpoint Firewall 1 community to track scans (ie. who is doing what). I've also enhanced an automated script that works with the Firewall. The script detects, logs, and reacts to scans (such as emailing the admin). I thought the IDS community might be interested. You can get more info at http://www.enteract.com/~lspitz/intrusion.html Thanks! Lance Spitzner http://www.enteract.com/~lspitz/papers.html Internetworking & Security Engineer Dimension Enterprises Inc