Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
I want to ask:
1- What is the difference b/w action non and ignore?
2- What is the difference b/w just logging and log packets?
Q1: both no action but ignore also ignores remainder of session, no further scanning.
Q2: Logging logs the match on a signature (Found this or that) log packets save some packets around the attack for further analyses with e.g. wireshark