[Snort-users] analyse snort0305 at ...5352...

Thorsten Weigl t.weigl at ...5350...
Thu Mar 21 00:57:01 EST 2002


hi,

was checking our log and found the following. i have no clue what this
means. especially confusing: why are there month old parts of .bash_history
?

tia.

~t
--
weigl interservice . thorsten weigl
>> fon +49-89-510 99 310
>> mobil +170-480 77 05

<-- snipp -->
\xf6^C\x87<^YQ
^@H^@^@^@H^@^@^@^@^@\xcbY^W\xd1^@\xc0{\x8f\xc9\x84^H^@E^@^@:\x831@^@\xe6^Fp\
xc1\xd2\xb2^Lo\xc0\xa8^A^A\xc1g^@P\xcd\xc8\xf9\xda
\x95\xc9'0P^X"8~\xc2^@^@GET x HTTP/1.0^M
^M
sx\x87<^R^@^C^@b^@^@^@b^@^@^@^@^@\xcbY^W\xd1^@\xc0\xdf\xeb\x9e\xf2^H^@E^@^@T
^@^@^@^@@^Q\xf7D\xc0\xa8^A^C\xc0\xa8^A^A^B\xb1^@o^
@@\x94}&\xd4\xb0Q^@^@^@^@^@^@^@^B^@^A\x86\xa0^@^@^@^B^@^@^@^C^@^@^@^@^@^@^@^
@^@^@^@^@^@^@^@^@^@^A\x86\xa5^@^@^@^A^@^@^@^F^@^@^
@^@sx\x87<=\xd9^L^@b^@^@^@b^@^@^@^@^@\xcbY^W\xd1^@\xc0\xdf\xeb\x9e\xf2^H^@E^
@^@T^@      ^@^@@^Q\xf7;\xc0\xa8^A^C\xc0\xa8^A^A^B
\xb5^@o^@@_\x9e?\x96\xccj^@^@^@^@^@^@^@^B^@^A\x86\xa0^@^@^@^B^@^@^@^C^@^@^@^
@^@^@^@^@^@^@^@^@^@^@^@^@^@^A\x86\xa5^@^@^@^A^@^@^
@^F^@^@^@^@\x87x\x87<&\xa9^L^@J^@^@^@J^@^@^@^@^@\xcbY^W\xd1^@\xc0\xdf\xeb\x9
e\xf2^H^@E^@^@<^@%@^@@^F\xb7B\xc0\xa8^A^C\xc0\xa8^
A^A^Wq^GJ\xb6Q\xbc\x98\xecp^H\xc5\xa0^R>\xbcc^M^@^@^B^D^E\xb4^D^B^H
^@^@^P@^G\x99\x84$^A^C^C^@\x88x\x87<k^Q^C^@J^@^@^@J^@^@^@^@^@\xcbY^W\xd1^@\x
c0\xdf\xeb\x9e\xf2^H^@E^@^@<^@-@^@@^F\xb7:\xc0\xa8
^A^C\xc0\xa8^A^A^Wq^GK\xb6B\xd6\x94\xeccP,\xa0^R>\xbc^A{^@^@^B^D^E\xb4^D^B^H
^@^@^Pe^G\x99\x84I^A^C^C^@\x88x\x87<\xe6^B^G^@J^@^@^@J^@^@^@^@^@\xcbY^W\xd1^
@\xc0\xdf\xeb\x9e\xf2^H^@E^@^@<^@5@^@@^F\xb72\xc0\
xa8^A^C\xc0\xa8^A^A^Wq^GL\xb6p^C^^\xec)O\xe1\xa0^R>\xbc\xd5^S^@^@^B^D^E\xb4^
D^B^H
^@^@^P^?^G\x99\x84c^A^C^C^@b\x81\x87<\xfc\xf6^F^@\x8e^P^@^@\x8e^P^@^@^@\xc0\
xdf\xeb\x9e\xf2^@^@\xcbY^W\xd1^H^@E^@^P\x80\x9f\xd
a^@^@@^QG>\xc0\xa8^A^A\xc0\xa8^A^C^H^A^C
^PlQ(^Q`Qw^@^@^@^A^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^A^@^@\x81\x
80^@^@^@^
A^@^@^C\xec^@^@^@d^@^@^Z^N^@^@^P^@^@^@5?^@^@^@^P^@^@^CF^@^H^W\xf1<\x87\x81b^
@^@^@^@<I\x9f@^@^@^@^@<I\x9f@^@^@^@^@^@^@^P^@vi Ha
mster-Start.bat
./Hamster-Start.bat
find . -name *.class -exec grep basename '{}' ';'
find . -name *.java -exec grep basename '{}' ';'
vi Hamster-Start.bat
find . -name *.java -exec grep basename '{}' ';'
./Hamster-Start.bat
vi README.txt
cd src/hamster/offline/
<-- snipp -->





More information about the Snort-users mailing list