A port scan occurs when one source IP address sends IP packets
containing TCP SYN segments to a defined number of different
ports at the same destination IP address within a defined interval.
The purpose of this attack is to scan the available services in
the hope that at least one port will respond, thus identifying
a service of the target. The device should internally log the
number of different ports scanned from one remote source.
This attribute records the port scan attempt attack packets.