Snort mailing list archives
IP recognition
From: Mayur Patil <ram.nath241089 () gmail com>
Date: Fri, 19 Jul 2013 14:48:35 +0530
Hello, I am unable to recognize the IP when I run snort in NIDS mode. *192.168.10.121:56333 -> 224.0.0.252:5355* UDP TTL:1 TOS:0x0 ID:18058 IpLen:20 DgmLen:50 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 07/19-14:45:25.191751 00:22:19:06:B9:1C -> FF:FF:FF:FF:FF:FF type:0x800 len:0x5C * 10.1.11.172:137 -> 10.1.11.255:137* UDP TTL:128 TOS:0x0 ID:15751 IpLen:20 DgmLen:78 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 07/19-14:45:25.194146 B8:AC:6F:45:F8:23 -> FF:FF:FF:FF:FF:FF type:0x800 len:0xF3 * 10.1.47.230:138 -> 10.1.47.255:138* UDP TTL:128 TOS:0x0 ID:5740 IpLen:20 DgmLen:229 My admin says it is from other IP range within proxy then why they are bombarding on my system unintentionally ?? How to stop them from interacting my system? Any hints !! Seeking for guidance, Thanks !! -- *Cheers, Mayur*.
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- IP recognition Mayur Patil (Jul 19)
- Re: IP recognition waldo kitty (Jul 19)
- Re: IP recognition Mayur Patil (Jul 19)
- Re: IP recognition waldo kitty (Jul 19)