[Snort-users] FTP USER overflow attempt alerts, no logged packets.
dolfredm at ...131...
Wed Jul 31 06:46:20 EDT 2002
My snort alerted on the FTP user overflow attempt, as
detailed below. On checking the logs, I observed that
no packets were recorded for this alert, despite the
large number of entries in the alerts file. Offensive
packets were logged on all other alerts, but not this
My Snort version is 1.8.7
Any comments/ideas will be appreciated.
[**] [1:1734:4] FTP USER overflow attempt [**]
[Classification: Attempted Administrator Privilege
Gain] [Priority: 1]
07/29-10:04:20.610705 0:A0:8E:14:EC:E8 -> 0:0:C:7:AC:0
x.x.x.x:1349 -> x.x.x.x:21 TCP TTL:240 TOS:0x10 ID:0
***AP*** Seq: 0xC7BB95C1 Ack: 0xC7BB95C1 Win: 0x0
[Xref => http://www.securityfocus.com/bid/4638] [Snort
Do You Yahoo!?
Yahoo! Health - Feel better, live better
More information about the Snort-users