[Snort-users] EXPLOIT x86 NOPS

Christopher C. Northrop chris.northrop at ...406...
Fri Apr 6 09:11:10 EDT 2001


Group,

I have received some alerts and I'm not sure if their for real..

[**] EXPLOIT x86 NOPS [**]
04/05-14:58:19.599813 0:40:5:59:D4:82 -> FF:FF:FF:FF:FF:FF
type:0x800 len:0x107
X.X.4.10:138 -> X.X.4.255:138 UDP TTL:128 TOS:0x0 ID:26092 IpLen:20
DgmLen:249 Len: 229

[**] EXPLOIT x86 NOPS [**]
04/05-14:58:42.239462 0:60:97:A1:80:21 -> FF:FF:FF:FF:FF:FF
type:0x800 len:0xF0
X.X.4.96:138 -> X.X.4.255:138 UDP TTL:128 TOS:0x0 ID:58567 IpLen:20
DgmLen:226 Len: 206

[**] EXPLOIT x86 NOPS [**]
04/05-15:00:26.645712 0:60:8:E4:3A:74 -> FF:FF:FF:FF:FF:FF
type:0x800 len:0x111
X.X.4.251:138 -> X.X.4.255:138 UDP TTL:32 TOS:0x0 ID:25075 IpLen:20
DgmLen:259 Len: 239

[**] EXPLOIT x86 NOPS [**]
04/05-15:00:47.778524 0:1:3:C4:4F:5B -> FF:FF:FF:FF:FF:FF
type:0x800 len:0xF3
X.X.4.245:138 -> X.X.4.255:138 UDP TTL:128 TOS:0x0 ID:36527 IpLen:20
DgmLen:229 Len: 209

Any suggestions, please advise.
Chris N.





More information about the Snort-users mailing list