No subject

Thu Nov 23 16:36:19 EST 2017

The sample server configuration file is an ideal starting point for an 
OpenVPN server configuration. It will create a VPN using a virtual TUN 
network interface (for routing), will listen for client connections on UDP 
port 1194 (OpenVPN's official port number), and distribute virtual addresses 
to connecting clients from the subnet.


>From: "Willy, Andrew" <AWilly at ...13017...>
>To: snort-users at
>Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length field 
> > payload leng
>Date: Thu, 14 Jul 2005 09:57:02 -0700
>The vendor supports medical equipment.  Seems as though the packets were
>destined for their publicly addressed network, and I've seen before that
>somehow UDP factors into their software VPN client intialization, so 
>the traffic was legitimate but somehow corrupted?
>-----Original Message-----
>From: M. Shirk [mailto:shirkdog_list at ...125...]
>Sent: Thursday, July 14, 2005 8:54 AM
>To: snort-users at
>Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length
>field > payload leng
>Does the vendor know the network impact of their product? (or any specs on
>the protocols the product uses for you to research?)
> >From: "Willy, Andrew" <AWilly at ...13017...>
> >To: snort-users at
> >Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length 
> > > payload length
> >Date: Thu, 14 Jul 2005 08:42:38 -0700
> >
> >Interesting, I just saw this alert for the first time yesterday.  When 
> >say it is a bad thing, you mean as in potential exploit?  The were four
> >alerts that originated from a vendor machine that plugged into our DMZ.  
> >far as I can tell, there is no payload.  I'm not sure what to make of it.
> >
> >Thank you,
> >
> >Andrew
>NOTICE OF CONFIDENTIALITY-The information in this email, including
>attachments, may be confidential and/or privileged and may contain
>confidential health information. This email is intended to be reviewed only
>by the individual or organization named as addressee. If you have received
>this email in error please notify Scottsdale Medical Imaging, an affiliate
>of Southwest Diagnostic Imaging, LTD immediately - by return message to the
>sender or to support at ...13018... - and destroy all copies of this message and
>any attachments. Please note that any views or opinions presented in this
>email are solely those of the author and do not necessarily represent those
>of Scottsdale Medical Imaging. Confidential health information is protected
>by state and federal law, including, but not limited to, the Health
>Insurance Portability and Accountability Act of 1996 and related
>SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
>from IBM. Find simple to follow Roadmaps, straightforward articles,
>informative Webcasts and more! Get everything you need to get up to
>speed, fast.
>Snort-users mailing list
>Snort-users at
>Go to this URL to change user options or unsubscribe:
>Snort-users list archive:

Is your PC infected? Get a FREE online computer virus scan from McAfee® 

More information about the Snort-users mailing list