Snort mailing list archives

Re: Portscan traffic

From: "mike Hughes" <mikehughes013 () hotmail com>
Date: Mon, 17 Mar 2003 15:03:19 -0800

Whats Up Alwin

Dont forget to check out the FAQ's. They help a bunch, here is a link thatmight help you!


http://www.snort.org/docs/faq.html#6.16

From: Alwin Raymundo <alrayworld () yahoo com>
To: user snort <snort-users () lists sourceforge net>
Subject: [Snort-users] Portscan traffic
Date: Mon, 17 Mar 2003 13:06:00 -0800 (PST)
MIME-Version: 1.0
Received: from mc8-f13.law1.hotmail.com ([65.54.253.149]) bymc8-s7.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Mon, 17 Mar2003 14:24:27 -0800Received: from sc8-sf-list2.sourceforge.net ([66.35.250.206]) bymc8-f13.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Mon, 17 Mar2003 14:23:38 -0800Received: from sc8-sf-list1-b.sourceforge.net ([10.3.1.13]helo=sc8-sf-list1.sourceforge.net)by sc8-sf-list2.sourceforge.net withesmtp (Exim 3.31-VA-mm2 #1 (Debian))id 18v2zn-0006hC-00; Mon, 17 Mar 200314:22:15 -0800Received: from web80405.mail.yahoo.com ([66.218.79.60])bysc8-sf-list1.sourceforge.net with smtp (Exim 3.31-VA-mm2 #1 (Debian))id18v1o5-0000Xs-00for <snort-users () lists sourceforge net>; Mon, 17 Mar 200313:06:05 -0800Received: from [209.47.245.88] by web80405.mail.yahoo.com via HTTP; Mon, 17Mar 2003 13:06:00 PST
X-Message-Info: o8IIVuzO8A13AtcZA7MttAtZ8kyHR+AV
Message-ID: <20030317210600.78394.qmail () web80405 mail yahoo com>
Sender: snort-users-admin () lists sourceforge net
Errors-To: snort-users-admin () lists sourceforge net
X-BeenThere: snort-users () lists sourceforge net
X-Mailman-Version: 2.0.9-sf.net
Precedence: bulk
List-Help: <mailto:snort-users-request () lists sourceforge net?subject=help>
List-Post: <mailto:snort-users () lists sourceforge net>
List-Subscribe:<https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=subscribe>List-Id: Snort users talk about... Snort!<snort-users.lists.sourceforge.net>List-Unsubscribe:<https://lists.sourceforge.net/lists/listinfo/snort-users>,<mailto:snort-users-request () lists sourceforge net?subject=unsubscribe>List-Archive:<http://sourceforge.net/mailarchive/forum.php?forum=snort-users>
X-Original-Date: Mon, 17 Mar 2003 13:06:00 -0800 (PST)
Return-Path: snort-users-admin () lists sourceforge net
X-OriginalArrivalTime: 17 Mar 2003 22:23:39.0718 (UTC)FILETIME=[DC3F3660:01C2ECD3]
Hi Guys,

I need your help once again.  I installed Snort,
Barnyard and acid.

Now my questioned is there any procedure that I can
view my portscan traffic. I can view the TCP, UDP,
ICMP but portscan traffic cannot.

BTW I'm using redhat 7.3

Any help would highly appreciated.

Thanks

=====
Alwin Raymundo

__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com


-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open!
Get cracking and register here for some mind boggling fun and
the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



_________________________________________________________________

Help STOP SPAM with the new MSN 8 and get 2 months FREE*http://join.msn.com/?page=features/junkmail




-------------------------------------------------------

This SF.net email is sponsored by:Crypto Challenge is now open!Get cracking and register here for some mind boggling fun andthe chance of winning an Apple iPod:

http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Portscan traffic Alwin Raymundo (Mar 17)
- Re: Portscan traffic Matt Kettler (Mar 17)
- <Possible follow-ups>
- Re: Portscan traffic mike Hughes (Mar 17)