[curious snort]
GDHough
mr6re9-mI4xJ4qlgtBiLUuM0BA3LQ at public.gmane.org
Mon Dec 29 13:59:50 UTC 2003
Just wondering if there are any snorters out there or if this kind of traffic
is considered hostile inside a nat:
Generated by ACID v0.9.6b23 on Wed, 24 Dec 2003 14:32:54 -0500
----------------------------------------------------------------------------
#(1 - 2701) [2003-12-24 00:01:59] [snort/46] (snort_decoder) WARNING: TCP
Data Offset is less than 5!
IPv4: 63.247.85.10 -> my.inet.addr.200
hlen=5 TOS=0 dlen=1500 ID=60224 flags=0 offset=0 TTL=47 chksum=17258
TCP: port=80 -> dport: 44963 flags=2**A*RS* seq=1813803659
ack=1215956819 off=4 res=4 win=21299 urp=38947 chksum=1522
Payload: none
DNS GNAX.net
63.247.85.10 - cereza.estarr-5.com
--
Eating Crow is better with MyCrowSauce
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list