[Snort-users] Is this Fpipe?

Jason Withrow jwithrow at ...422...
Tue Sep 25 22:57:02 EDT 2001


Would this be someone trying to use fpipe against me?

[**] ICMP Destination Unreachable (Port Unreachable) [**]
09/26-02:01:05.723209 0:10:B5:4:13:41 -> 0:30:80:5D:7F:70 type:0x800
len:0x46
66.31.82.9 -> 24.91.0.146 ICMP TTL:128 TOS:0x0 ID:41422 IpLen:20
DgmLen:56
Type:3  Code:3  DESTINATION UNREACHABLE: PORT UNREACHABLE
** ORIGINAL DATAGRAM DUMP:
24.91.0.146:53 -> 66.31.82.9:3828 UDP TTL:251 TOS:0x0 ID:52175 IpLen:20
DgmLen:117
Len: 97
** END OF DUMP
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+

[**] ICMP Destination Unreachable (Port Unreachable) [**]
09/26-02:02:09.285986 0:10:B5:4:13:41 -> 0:30:80:5D:7F:70 type:0x800
len:0x46
66.31.82.9 -> 24.91.0.150 ICMP TTL:128 TOS:0x0 ID:41552 IpLen:20
DgmLen:56
Type:3  Code:3  DESTINATION UNREACHABLE: PORT UNREACHABLE
** ORIGINAL DATAGRAM DUMP:
24.91.0.150:53 -> 66.31.82.9:3836 UDP TTL:250 TOS:0x0 ID:19783 IpLen:20
DgmLen:162
Len: 142
** END OF DUMP
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+

[**] ICMP Destination Unreachable (Port Unreachable) [**]
09/26-02:02:11.141380 0:10:B5:4:13:41 -> 0:30:80:5D:7F:70 type:0x800
len:0x46
66.31.82.9 -> 24.128.1.80 ICMP TTL:128 TOS:0x0 ID:41560 IpLen:20
DgmLen:56
Type:3  Code:3  DESTINATION UNREACHABLE: PORT UNREACHABLE
** ORIGINAL DATAGRAM DUMP:
24.128.1.80:53 -> 66.31.82.9:3836 UDP TTL:248 TOS:0x0 ID:28017 IpLen:20
DgmLen:162
Len: 142
** END OF DUMP
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+

[**] ICMP Destination Unreachable (Port Unreachable) [**]
09/26-02:02:14.149458 0:10:B5:4:13:41 -> 0:30:80:5D:7F:70 type:0x800
len:0x46
66.31.82.9 -> 24.128.1.80 ICMP TTL:128 TOS:0x0 ID:41630 IpLen:20
DgmLen:56
Type:3  Code:3  DESTINATION UNREACHABLE: PORT UNREACHABLE
** ORIGINAL DATAGRAM DUMP:
24.128.1.80:53 -> 66.31.82.9:3839 UDP TTL:248 TOS:0x0 ID:28018 IpLen:20
DgmLen:160
Len: 140
** END OF DUMP
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+





More information about the Snort-users mailing list