Snort mailing list archives
SYN and Win32 SnortLog Analyzer
From: "Jason Withrow" <jwithrow () mediaone net>
Date: Sun, 16 Sep 2001 14:21:39 -0400
Hi,

First, thanks to everyone who has been very helpful; I appreciate your experience. Could someone please SYN me? I want to compare the results I got, to see if my box is really filtering all the ports it should be. This is the nmap result I got:

Initiating SYN half-open stealth scan against realweb2000 (66.31.82.9)
The SYN scan took 950 seconds to scan 1523 ports.
Warning: No TCP ports found open on this machine, OS detection will be MUCH less reliable
All 1523 scanned ports on realweb2000 (66.31.82.9) are: filtered
Too many fingerprints match this host for me to give an accurate OS guess
TCP/IP fingerprint:
T5(Resp=N)
T6(Resp=N)
T7(Resp=N)
PU(Resp=N)
Nmap run completed -- 1 IP address (1 host up) scanned in 1083 seconds

Also, in case anyone is interested, I am completing a win32 snort Log analyzer. I am pretty much just doing it because I don't want to have to go through all the trouble of installing ACID, but I will make the exe freely available for those who want it.

Thanks,
- Jason