Snort mailing list archives
RE: Nmap
From: "Esler, Joel - Contractor" <joel.esler () rcert-s army mil>
Date: Fri, 14 Nov 2003 10:20:20 -0500
Not necessarily, you can set Nmap to scan FROM a particular port too... But it could be a false positive... J -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Gerson Sampaio Sent: Friday, November 14, 2003 8:20 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Nmap Hi List, i received this alert and i'd like to know why the source is using port 80. Is this forged ? 11/13-17:26:42.075512 [**] [1:628:2] SCAN nmap TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} x.x.x.x:80 -> y.y.y.y:53 TIA Gerson Sampaio __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Nmap Gerson Sampaio (Nov 14)
- <Possible follow-ups>
- RE: Nmap Esler, Joel - Contractor (Nov 17)
- RE: Nmap MH (Nov 17)
- RE: Nmap bmcdowell (Nov 19)
- Message not available
- RE: Nmap Matt Kettler (Nov 19)
- Message not available