[ntp:questions] NTP.POOL.ORG Server is a shadowserver
Uwe Klein
uwe at klein-habertwedt.de
Thu Oct 18 16:35:27 UTC 2012
Rob wrote:
> And I think that is very wise. There are many protocols that can
> be used to hide communication, and it is undoable to analyze all
> of them to the level where you can be sure it is innocent.
False positives ruin trust in a tool.
( crying wolf to often. )
If 99% of your alerts are false positives that tool is worthless.
uwe
More information about the questions
mailing list