IDS mailing list archives

Re: possible causes of source and destination ip from external network

From: Jose Nazario <jose () monkey org>
Date: Wed, 23 Jun 2004 13:40:16 -0400 (EDT)

actually, another question to ask is "is this a few isolated packets, a
flood of packets in one direction, or were connections initiated?" if you
can answer this you may be able to get insight into what's going on.

________
jose nazario, ph.d.                     jose () monkey org
http://monkey.org/~jose/                http://infosecdaily.net/

---------------------------------------------------------------------------

---------------------------------------------------------------------------

Current thread:

possible causes of source and destination ip from external network Annie Green (Jun 21)
- Re: possible causes of source and destination ip from external network Jose Nazario (Jun 22)
  - Re: possible causes of source and destination ip from external network Adam Powers (Jun 23)
    - Re: possible causes of source and destination ip from external network Jose Nazario (Jun 24)
- Re: possible causes of source and destination ip from external network Adam Baldwin (Jun 22)
- Re: possible causes of source and destination ip from external network Mike Frantzen (Jun 22)
- Re: possible causes of source and destination ip from external network Tony Rall (Jun 22)
- Re: possible causes of source and destination ip from external network Tony Carter (Jun 24)
- Re: possible causes of source and destination ip from external network Stephen Samuel (Jun 29)
- <Possible follow-ups>
- RE: possible causes of source and destination ip from external network Tom Arseneault (Jun 22)