Snort mailing list archives
packets
From: cristal_ball () libero it
Date: Mon, 12 May 2003 10:11:53 +0200
Hi all j was finally able to install snort and snortsnarf on my machine i run snort with this command: snort -d -l ../log -c ../etc/snort.conf what i get is: [**] SMTP HELO overflow attempt [**] 05/10-21:51:08.170228 12.238.244.xxx:4147 -> 217.141.xxx.xxx:25 TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:51 ***AP*** Seq: 0xDE85D08A Ack: 0xB8A2FDC1 Win: 0xF98E TcpLen: 20 48 45 4C 4F 20 31 32 2D 32 33 38 HELO 12-238 am j logging only the header? if yes is there a way not to? thank in advance ------------------------------------------------------- Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara The only event dedicated to issues related to Linux enterprise solutions www.enterpriselinuxforum.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- packets cristal_ball (May 12)
- Tracing certain file requests ... Jon Baer (May 12)