[Snort-users] SYN and Win32 SnortLog Analyzer

Jason Withrow jwithrow at ...422...
Sun Sep 16 11:10:02 EDT 2001


First thanks to everyone that have been very helpful, I appreciate you

Could some please SYN me, I want to compare the results I got, to see if
my box is really filtering all the ports it should be.

This is the nmap result I got.

	Initiating SYN half-open stealth scan against realweb2000
	The SYN scan took 950 seconds to scan 1523 ports.
	Warning:  No TCP ports found open on this machine, OS detection
will 	be MUCH less reliable

	All 1523 scanned ports on realweb2000 ( are: filtered
	Too many fingerprints match this host for me to give an accurate
OS 	guess

	TCP/IP fingerprint:

	Nmap run completed -- 1 IP address (1 host up) scanned in 1083

Also, in case anyone is interested, I am completing a win32 snort Log
analyzer. I am pretty much just doing it because I don't want to have to
go through all the trouble of installing ACID, but I will make the exe
freely available for those whom want it.


- Jason

More information about the Snort-users mailing list