[Snort-users] Nice result with Snort.
Jan Hugo Prins
j.h.prins at ...1226...
Mon Jan 29 16:32:47 EST 2001
On Monday 29 January 2001 22:18, you wrote:
> On Mon, 29 Jan 2001, Jan Hugo Prins wrote:
> > The HW I got from the packet is the HW of a system within my own segment
> > and they can be obtained from packets where the IP adres is not masked.
> > At least, that is what I know about it.
> But you still haven't identified the attacker.
> The only way you could identify them from the mac address is if they were
> on your same ethernet segment.
And he actually is. Atleast, I think he is. I have an IP in subnet
220.127.116.11/22 and so has he. This should be the same segment, shouldn't it?
More information about the Snort-users