I have a couple of questions about a particular signature. It is the SYN BOMB. Everytime I see this signature, when I go to take a look at what it might be, there are never any packet details. I am certainly no IDS expert by any means and I wonder how you tell if it is a false positive or not if there are no details of any kind. If it is, how do you turn it off. I have looked in my policies and cant even find it.