Snort mailing list archives
Nmap
From: Gerson Sampaio <rootbit () yahoo com>
Date: Fri, 14 Nov 2003 05:19:36 -0800 (PST)
Hi List, i received this alert and i'd like to know why the source is using port 80. Is this forged ? 11/13-17:26:42.075512 [**] [1:628:2] SCAN nmap TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} x.x.x.x:80 -> y.y.y.y:53 TIA Gerson Sampaio __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Nmap Gerson Sampaio (Nov 14)
- <Possible follow-ups>
- RE: Nmap Esler, Joel - Contractor (Nov 17)
- RE: Nmap MH (Nov 17)
- RE: Nmap bmcdowell (Nov 19)
- Message not available
- RE: Nmap Matt Kettler (Nov 19)
- Message not available