Don't Alert any syn-scan!



  • Hi everybody,
    I want to test the ids feature and I run this command:

    sudo nmap -Pn -sS x.y.z.t
    

    I did not get any alert but when I run this command:

    sudo nmap -Pn -O -A x.y.z.t
    

    I could see an alert by my IP on the Services/Snort/Alerts!

    Why did not pfSense alert the simple syn-scan?



  • Did you enable Port scan detection?

    General preprocessor settings section –> enable 'Portscan Detection'