Hi together! I just figured out how to run snort (altough it doesn't start at boot-up, hell knows why...). Now it keeps telling me, that there is a portscan against myself from my machine running. Look at this: [**] [100:1:1] spp_portscan: PORTSCAN DETECTED from 10.0.3.19 (THRESHOLD 4 connections exceeded in 7 seconds) [**] 09/24-23:52:42.477424 [**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 6 connections across 6 hosts: TCP(5), UDP(1) [**] 09/24-23:53:58.678712 [**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 1 connections across 1 hosts: TCP(0), UDP(1) [**] 09/24-23:54:03.679551 [**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 1 connections across 1 hosts: TCP(0), UDP(1) [**] 09/24-23:54:08.689307 [**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 2 connections across 2 hosts: TCP(1), UDP(1) [**] 09/24-23:55:00.534798 And I swear, I'm not running any nmap or anything similar, and haven't been running since the last reboot... Could anybody help me please? TIA kind regards markus