No subject


Thu Nov 23 16:36:19 EST 2017


Dec 19 05:32:04 maunder snort[1725]: spp_portscan: PORTSCAN DETECTED from 128.173.12.25 (THRESHOLD 3 connections exceeded in 6 seconds): 128.173.12.25:32770 -> 198.82.161.4:161
Dec 19 05:32:10 maunder snort[1725]: spp_portscan: portscan status from 128.173.12.25: 4 connections across 4 hosts: TCP(0), UDP(4)
Dec 19 05:32:27 maunder snort[1725]: spp_portscan: End of portscan from 128.173.12.25: TOTAL time(9s) hosts(4) TCP(0) UDP(4): 198.82.247.66:61228 -> 198.82.161.28:514
Dec 19 05:32:35 maunder snort[1725]: spp_portscan: PORTSCAN DETECTED from 128.173.12.25 (THRESHOLD 3 connections exceeded in 6 seconds): 128.173.12.25:32770 -> 198.82.161.4:161
Dec 19 05:32:40 maunder snort[1725]: spp_portscan: portscan status from 128.173.12.25: 4 connections across 4 hosts: TCP(0), UDP(4)
Dec 19 05:32:52 maunder snort[1725]: spp_portscan: End of portscan from 128.173.12.25: TOTAL time(9s) hosts(4) TCP(0) UDP(4): 198.82.161.15:137 -> 198.82.161.255:137
Dec 19 05:33:05 maunder snort[1725]: spp_portscan: PORTSCAN DETECTED from 128.173.12.25 (THRESHOLD 3 connections exceeded in 6 seconds): 128.173.12.25:32770 -> 198.82.161.4:161
Dec 19 05:33:10 maunder snort[1725]: spp_portscan: portscan status from 128.173.12.25: 4 connections across 4 hosts: TCP(0), UDP(4)
Dec 19 05:33:17 maunder snort[1725]: spp_portscan: End of portscan from 128.173.12.25: TOTAL time(9s) hosts(4) TCP(0) UDP(4): 198.82.247.66:61228 -> 198.82.161.28:514
Dec 19 05:33:35 maunder snort[1725]: spp_portscan: PORTSCAN DETECTED from 128.173.12.25 (THRESHOLD 3 connections exceeded in 7 seconds): 128.173.12.25:32770 -> 198.82.161.3:161
Dec 19 05:33:41 maunder snort[1725]: spp_portscan: portscan status from 128.173.12.25: 4 connections across 4 hosts: TCP(0), UDP(4)
Dec 19 05:33:47 maunder snort[1725]: spp_portscan: End of portscan from 128.173.12.25: TOTAL time(9s) hosts(4) TCP(0) UDP(4): 64.208.105.2:1426 -> 198.82.161.226:3128
Dec 19 05:34:04 maunder snort[1725]: spp_portscan: PORTSCAN DETECTED from 128.173.12.25 (THRESHOLD 3 connections exceeded in 6 seconds): 128.173.12.25:32770 -> 198.82.161.4:161
Dec 19 05:34:10 maunder snort[1725]: spp_portscan: portscan status from 128.173.12.25: 4 connections across 4 hosts: TCP(0), UDP(4)
Dec 19 05:34:16 maunder snort[1725]: spp_portscan: End of portscan from 128.173.12.25: TOTAL time(9s) hosts(4) TCP(0) UDP(4): 131.178.17.116:123 -> 198.82.161.227:123




More information about the Snort-users mailing list