work and IT @ 22 Dec 2010 11:28 am by ayoi
Just imagine IF you received this notification email:
Dear Sir,
We have detected scanning activity related to specific ports.This signature detects when a computer attempts to access more than 10 different TCP ports on the victim’s computer.
Severity : Medium
Port : 0
Events #: 50000
Corrective Actions: We will keep on monitoring traffic related to this event
“We will keep on monitoring traffic related to this event” can be considered as one of the corrective actions? 
)
p/s: No, it is not ours.. 
