Snort mailing list archives
Snort.alert log
From: Kristof Goossens <kristof () xssass be>
Date: Fri, 15 Nov 2002 09:00:53 +0100
Hello,
I've read the following in my snort.alert log:
[**] [116:46:1] (snort_decoder) WARNING: TCP Data Offset is less than 5! [**]
11/13-21:21:31.736604 200.207.87.24:0 -> 80.84.232.115:0
TCP TTL:117 TOS:0x0 ID:19244 IpLen:20 DgmLen:40
*******F Seq: 0x3A6D74 Ack: 0x1000010 Win: 0x0 TcpLen: 0
I don't know what this means however... Specially the ports seam strange to me.
Any help would be appreciated!
Thanks in advance,
Kristof Goossens
PS: Please, explicitly include my address as I am not subscribed to this list...
--
Digital fingerprint: F56F F987 0E0C AFF8 0B6D 7CA1 F152 E07D 72AF 337B
Attachment:
_bin
Description:
Current thread:
- Snort.alert log Kristof Goossens (Nov 15)