[Snort-users] Bad-Traffic message....

Jeffery Gunter jgunter at ...13738...
Mon May 8 08:53:02 EDT 2006


I do not even have a piece of equipment with this address on my network.
I've tried Ping, Tracert and nothing comes back other than seeing it go
through my router to the internet but nothing after that.

Jeffery Gunter  |  Chief Information Officer  |  Citizens Bank of East
Tennessee  |  http://www.cbetn.com
email:  jgunter at ...13738...
Land:  423-272-2200  x17
Cell:  423-754-5157
Fax:  423-272-2322

-----Original Message-----
From: Kretzer, Jason R (Big Sandy) [mailto:jason.kretzer at ...13486...] 
Sent: Monday, May 08, 2006 11:50 AM
To: Jeffery Gunter; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Bad-Traffic message....

I get these as well.  Mine come from a networked Dell printer that is
communicating with itself.  Strange, I know but it happens.  Try
entering the IP into a web browser and see if the printer interface
comes up.

-Jason
 

> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net 
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of 
> Jeffery Gunter
> Sent: Monday, May 08, 2006 11:33 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Bad-Traffic message....
> Importance: Low
> 
> Does anyone know how I can find out what this is and why?  I'm getting
> about 30 messages a day on it and I can't figure out where it's coming
> from.
> 
> Jeffery Gunter  |  Chief Information Officer  |  Citizens Bank of East
> Tennessee  |  http://www.cbetn.com
> email:  jgunter at ...13738...
> Land:  423-272-2200  x17
> Cell:  423-754-5157
> Fax:  423-272-2322
> -----Original Message-----
> From: IDS [mailto:SNORT] 
> Sent: Monday, May 08, 2006 11:30 AM
> To: Jeffery Gunter; 4237545157 at ...10251...
> Subject: 
> Importance: Low
> 
> IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :
> 
> This e-mail was scanned for viruses.
> 
> 
> -------------------------------------------------------
> Using Tomcat but need to do more? Need to support web 
> services, security?
> Get stuff done quickly with pre-integrated technology to make 
> your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on 
> Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=k&kid0709&bid&3057&dat1642
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=ort-users
> 

This e-mail was scanned for viruses.

This e-mail was scanned for viruses.




More information about the Snort-users mailing list