In this Chapter we will first have a glance at all snort alerts we were able to generate with the log files analyzed. This will help us understand the trends in the data set. In the following sections we will then have a closer look at some of the issues we identified in the first Chapter. In addition to the discussion of those findings we will come up with different methods to analyze datasets. We will see that there are a number of machines utilizing automated ways of attacking machines. We also found a lot of false positives in the alerts triggered by snort. A rough guess is probably around 50%. This is very disappointing and shows that something fundamental is wrong in the world of network-based intrusion detection systems. We will suggest a possible fix at the end of the next Section.