[Snort-users] SYN and Win32 SnortLog Analyzer

Jason Withrow jwithrow at ...422...
Sun Sep 16 11:10:02 EDT 2001


Hi,

First, thanks to everyone who has been very helpful; I appreciate your
experience.

Could someone please SYN me? I want to compare the results I got, to see if
my box is really filtering all the ports it should be.

This is the nmap result I got.

	Initiating SYN half-open stealth scan against realweb2000 (66.31.82.9)
	The SYN scan took 950 seconds to scan 1523 ports.
	Warning:  No TCP ports found open on this machine, OS detection will be MUCH less reliable

	All 1523 scanned ports on realweb2000 (66.31.82.9) are: filtered
	Too many fingerprints match this host for me to give an accurate OS guess

	TCP/IP fingerprint:
	T5(Resp=N)
	T6(Resp=N)
	T7(Resp=N)
	PU(Resp=N)

	Nmap run completed -- 1 IP address (1 host up) scanned in 1083 seconds

Also, in case anyone is interested, I am completing a Win32 Snort log
analyzer. I am pretty much just doing it because I don't want to have to
go through all the trouble of installing ACID, but I will make the exe
freely available for those who want it.

Thanks, 

- Jason




