I've finished configuring a Cisco PIX 506e firewall for our office, but I am having a little problem with the syslog logging of IDS attacks. I havent quite figured out a way to simulate an attack. Ive tried a port scan from a machine on the outisde interface. It logs the scan, but doesnt treat it as an attack. Just shows up in the log as a warning. Is my simple port scan an insufficient event to be considered an attack? If so, how can I simulate an attack?