No subject


Thu Nov 23 16:36:19 EST 2017


The sample server configuration file is an ideal starting point for an 
OpenVPN server configuration. It will create a VPN using a virtual TUN 
network interface (for routing), will listen for client connections on UDP 
port 1194 (OpenVPN's official port number), and distribute virtual addresses 
to connecting clients from the 10.8.0.0/24 subnet.

Shirkdog
http://www.shirkdog.us



>From: "Willy, Andrew" <AWilly at ...13017...>
>To: snort-users at lists.sourceforge.net
>Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length field 
> > payload leng
>Date: Thu, 14 Jul 2005 09:57:02 -0700
>
>The vendor supports medical equipment.  Seems as though the packets were
>destined for their publicly addressed network, and I've seen before that
>somehow UDP factors into their software VPN client intialization, so 
>perhaps
>the traffic was legitimate but somehow corrupted?
>
>Thanks
>
>Andrew
>
>
>
>
>-----Original Message-----
>From: M. Shirk [mailto:shirkdog_list at ...125...]
>Sent: Thursday, July 14, 2005 8:54 AM
>To: snort-users at lists.sourceforge.net
>Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length
>field > payload leng
>
>
>Does the vendor know the network impact of their product? (or any specs on
>the protocols the product uses for you to research?)
>
>Shirkdog
>http://www.shirkdog.us
>
>
>
> >From: "Willy, Andrew" <AWilly at ...13017...>
> >To: snort-users at lists.sourceforge.net
> >Subject: RE: [Snort-users] (snort_decoder): Short UDP packet, length 
>field
> > > payload length
> >Date: Thu, 14 Jul 2005 08:42:38 -0700
> >
> >Interesting, I just saw this alert for the first time yesterday.  When 
>you
> >say it is a bad thing, you mean as in potential exploit?  The were four
> >alerts that originated from a vendor machine that plugged into our DMZ.  
>As
> >far as I can tell, there is no payload.  I'm not sure what to make of it.
> >
> >Thank you,
> >
> >Andrew
>
>NOTICE OF CONFIDENTIALITY-The information in this email, including
>attachments, may be confidential and/or privileged and may contain
>confidential health information. This email is intended to be reviewed only
>by the individual or organization named as addressee. If you have received
>this email in error please notify Scottsdale Medical Imaging, an affiliate
>of Southwest Diagnostic Imaging, LTD immediately - by return message to the
>sender or to support at ...13018... - and destroy all copies of this message and
>any attachments. Please note that any views or opinions presented in this
>email are solely those of the author and do not necessarily represent those
>of Scottsdale Medical Imaging. Confidential health information is protected
>by state and federal law, including, but not limited to, the Health
>Insurance Portability and Accountability Act of 1996 and related
>regulations.
>
>
>-------------------------------------------------------
>SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
>from IBM. Find simple to follow Roadmaps, straightforward articles,
>informative Webcasts and more! Get everything you need to get up to
>speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee® 
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963





More information about the Snort-users mailing list