Snort mailing list archives

Previous By Date Next
Previous By Thread Next

packets

From: cristal_ball () libero it
Date: Mon, 12 May 2003 10:11:53 +0200
Hi all
j was finally able to install snort and snortsnarf on my machine

i run snort with this command:
snort -d -l ../log -c ../etc/snort.conf

what i get is:

[**] SMTP HELO overflow attempt [**]
05/10-21:51:08.170228 12.238.244.xxx:4147 -> 217.141.xxx.xxx:25
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:51
***AP*** Seq: 0xDE85D08A  Ack: 0xB8A2FDC1  Win: 0xF98E  TcpLen: 20
48 45 4C 4F 20 31 32 2D 32 33 38                 HELO 12-238


am j logging only the header?
if yes is there a way not to?

thank in advance



-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: