[Snort-users] Is this a realy a bogus portscan report?

Martin Roesch roesch at ...1935...
Mon May 7 11:48:15 EDT 2001


See the portscan preprocessor section in the snort.conf file or the
Writing Snort Rules document at www.snort.org.

     -Marty

Bob Van Cleef wrote:
> 
> Is there some "sensitivity" tuning that needs to be done to
> snort?  Was that portscan bogus? 192.86.6.214 was a test
> system that was only up for about one hour. (Actually a
> netscreen firewall box with an old windows laptop behind it.)
> 
> Snort itself did not log anything from either IP address.
> 
> Bob
> 
> ---------- Forwarded message ----------
> Date: Mon, 7 May 2001 07:10:21 -0700
> From: Abuse-Team <abuse-team at ...1990...>
> To: "'vancleef at ...211...'" <vancleef at ...211...>
> Subject: Re: FW: Portscan from your name server!!!
> 
> Thank you for your report.  This IP address is a machine that is a part of
> network routing.  This machine is secure and does not perform portscans, the
> traffic you saw is part of standard network traffic.  If your firewall
> software is reporting this as a portscan, system probe, or hack attempt, you
> may wish to check the settings of your firewall, as many have 'maximum'
> settings which will report any and all network traffic, including standard
> traffic such as this, as an attack.
> 
> Thank you,
> 
> The @Home Network Policy Management Team
> 
> -----Original Message-----
> From: Bob Van Cleef [mailto:vancleef at ...211...]
> Sent: Friday, May 04, 2001 10:53 AM
> To: abuse at ...530...
> Subject: Portscan from your name server!!!
> 
> Why did your nameserver scan one of my test systems?
> Did you swallow a virus?
> 
> 24.1.4.12 - proxy1.stcla1.sfba.home.com
> 
> Bob
> --
> ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>
> Bob Van Cleef, Member of Technical Staff         (408) 734-8100
> MicroUnity Systems Engineering, Inc.         FAX (408) 734-8136
> 376 Martin Ave., Santa Clara, CA 95050  vancleef at ...211...
> 
> May  3 14:52:31 24.1.4.12:53 -> 192.86.6.214:2371 UDP
> May  3 14:52:31 24.1.4.12:53 -> 192.86.6.214:2374 UDP
> May  3 14:52:32 24.1.4.12:53 -> 192.86.6.214:2377 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2381 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2383 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2385 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2387 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2389 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2391 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2393 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2395 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2397 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2399 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2401 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2403 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2405 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2408 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2410 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2412 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2414 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2416 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2418 UDP
> May  3 14:52:33 24.1.4.12:53 -> 192.86.6.214:2420 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2422 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2424 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2426 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2428 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2430 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2432 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2434 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2436 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2438 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2440 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2442 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2444 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2446 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2448 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2450 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2452 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2454 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2456 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2458 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2460 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2462 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2464 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2466 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2468 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2470 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2472 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2474 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2476 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2478 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2480 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2482 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2484 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2486 UDP
> May  3 14:52:34 24.1.4.12:53 -> 192.86.6.214:2488 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2490 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2492 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2494 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2496 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2498 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2500 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2502 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2504 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2506 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2508 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2510 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2512 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2514 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2516 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2518 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2520 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2522 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2524 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2526 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2528 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2530 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2532 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2534 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2536 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2538 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2540 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2542 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2544 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2546 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2548 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2550 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2552 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2554 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2556 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2558 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2560 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2562 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2564 UDP
> May  3 14:52:35 24.1.4.12:53 -> 192.86.6.214:2566 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2568 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2570 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2572 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2574 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2576 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2578 UDP
> May  3 14:52:36 24.1.4.12:53 -> 192.86.6.214:2580 UDP
> May  3 14:53:42 24.1.4.12:53 -> 192.86.6.214:2582 UDP
> May  3 14:53:42 24.1.4.12:53 -> 192.86.6.214:2584 UDP
> May  3 14:53:43 24.1.4.12:53 -> 192.86.6.214:2586 UDP
> May  3 14:53:43 24.1.4.12:53 -> 192.86.6.214:2588 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2590 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2592 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2594 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2596 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2598 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2600 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2602 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2604 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2606 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2608 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2610 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2612 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2614 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2616 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2618 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2620 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2622 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2624 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2626 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2628 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2630 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2632 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2634 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2636 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2638 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2640 UDP
> May  3 14:53:44 24.1.4.12:53 -> 192.86.6.214:2642 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2644 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2646 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2648 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2650 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2652 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2654 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2656 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2658 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2660 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2664 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2666 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2668 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2670 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2672 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2674 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2676 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2678 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2680 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2682 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2684 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2686 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2688 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2690 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2692 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2694 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2696 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2698 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2700 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2702 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2704 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2706 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2708 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2710 UDP
> May  3 14:53:45 24.1.4.12:53 -> 192.86.6.214:2712 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2714 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2717 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2719 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2721 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2723 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2725 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2727 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2729 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2731 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2733 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2735 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2737 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2739 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2741 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2743 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2745 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2747 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2749 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2751 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2753 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214::2755 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2757 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2759 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2761 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2763 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2765 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2767 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2769 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2771 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2773 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2775 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2777 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2779 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2781 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2783 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2785 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2787 UDP
> May  3 14:53:46 24.1.4.12:53 -> 192.86.6.214:2789 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2791 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2794 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2796 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2798 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2800 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2802 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2804 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2806 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2808 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2810 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2812 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2814 UDP
> May  3 14:53:47 24.1.4.12:53 -> 192.86.6.214:2816 UDP
> May  3 14:53:48 24.1.4.12:53 -> 192.86.6.214:33792 UDP
> May  3 14:54:11 24.1.4.12:53 -> 192.86.6.214:2829 UDP
> May  3 14:54:11 24.1.4.12:53 -> 192.86.6.214:2662 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2834 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2836 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2838 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2840 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2842 UDP
> May  3 14:54:12 24.1.4.12:53 -> 192.86.6.214:2844 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2847 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2849 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2851 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2853 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2855 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2857 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2859 UDP
> May  3 14:54:13 24.1.4.12:53 -> 192.86.6.214:2861 UDP
> May  3 15:25:35 24.1.4.12:53 -> 192.86.6.214:2414 UDP
> May  3 15:25:35 24.1.4.12:53 -> 192.86.6.214:2422 UDP
> May  3 15:25:36 24.1.4.12:53 -> 192.86.6.214:2430 UDP
> May  3 15:25:36 24.1.4.12:53 -> 192.86.6.214:2448 UDP
> May  3 15:25:38 24.1.4.12:53 -> 192.86.6.214:2562 UDP
> May  3 15:25:39 24.1.4.12:53 -> 192.86.6.214:2511 UDP
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
Martin Roesch
roesch at ...1935...
http://www.sourcefire.com - http://www.snort.org




More information about the Snort-users mailing list