To think that a port scan is a single connection from a single host to a single port on another host is ridiculous. These reports are compiled from data given by various respectable organizations within the DoD (AFCERT, ACERT, NAVCERT, etc) who have well defined procedures for identifying and escalating these types of "attacks".
A general description of a host scan would be x connections from host(a) to y ports on host(b) within time delta.
A general description of a distributed port scan would be x connections from host(a) to y hosts port(n) within time delta.
Most of the time these two types of scans are lumped together and refered to as port scans.
Bammkkkk
Slashdot Mirror
To think that a port scan is a single connection from a single host to a single port on another host is ridiculous. These reports are compiled from data given by various respectable organizations within the DoD (AFCERT, ACERT, NAVCERT, etc) who have well defined procedures for identifying and escalating these types of "attacks".
A general description of a host scan would be x connections from host(a) to y ports on host(b) within time delta.
A general description of a distributed port scan would be x connections from host(a) to y hosts port(n) within time delta.
Most of the time these two types of scans are lumped together and refered to as port scans. Bammkkkk