[Snort-users] UDP port 44767

Togan Muftuoglu toganm at ...603...
Wed Mar 20 13:26:31 EST 2002


I ahd been getting weird requests to UDP port 44767. Finally I decided to
see what that request is. Here is the part I was able to capture. Does
any one have any idea ? I have searched google but udp 44767 is like
blackhole  :-( I could not find any info

Thanks in advance

--
Togan Muftuoglu


03/20-22:49:17.694426 xxx.xxx.xxx.62:4818 -> xxx.xxx.xxx.12:44767
UDP TTL:120 TOS:0x0 ID:35005 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:49:17.704426 xxx.xxx.xxx.62:4820 -> xxx.xxx.xxx.14:44767
UDP TTL:120 TOS:0x0 ID:35517 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:49:17.704426 xxx.xxx.xxx.62:4821 -> xxx.xxx.xxx.15:44767
UDP TTL:120 TOS:0x0 ID:35773 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:49:49.664426 xxx.xx.xx.174:3101 -> xxx.xxx.xxx.14:44767
UDP TTL:121 TOS:0x0 ID:8221 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:49:49.674426 xxx.xx.xx.174:3099 -> xxx.xxx.xxx.12:44767
UDP TTL:121 TOS:0x0 ID:8219 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:49:49.694426 xxx.xx.xx.174:3102 -> xxx.xxx.xxx.15:44767
UDP TTL:121 TOS:0x0 ID:8222 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:56:29.594426 xxx.xxx.xxx.254:4308 -> xxx.xxx.xxx.12:44767
UDP TTL:124 TOS:0x0 ID:3016 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:56:29.644426 xxx.xxx.xxx.254:4311 -> xxx.xxx.xxx.15:44767
UDP TTL:124 TOS:0x0 ID:3784 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/20-22:56:29.644426 xxx.xxx.xxx.254:4310 -> xxx.xxx.xxx.14:44767
UDP TTL:124 TOS:0x0 ID:3528 IpLen:20 DgmLen:29
Len: 9
50                                               P

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+







More information about the Snort-users mailing list