Hi All
Anyone can explain the difference between these two?
lab@srxB-2# set security screen ids-option scr tcp port-scan ?
threshold Threshold (1000..1000000 time in us per 10 attack packets)
lab@srxB-2# set security screen ids-option scr tcp tcp-sweep ?
threshold Threshold which specifies the minimum time per TCP packets (time in microseconds per 10 TCP packets)
I guess port scan is for the same source and destination, but different ports, and sweep should be for different destination ips? I've seen KB23261 but it is not explanatory. The doc is silent about tcp-sweep (as well as udp-sweep).