Snort mailing list archives

No clue?

From: John Friedman <jfriedmanx () yahoo com>
Date: Fri, 11 Nov 2005 07:07:08 -0800 (PST)

Hi all,
 
I consistenly get these alerts from the Citrix server:
 
 [input]   ID  < Signature >  < Timestamp >  < Source Address >  < Dest. Address >  < Layer 4 Proto >     [input]      
[input]     #0-(2-4654)       [snort] spp_portscan: End of portscan from 10.1.10.6: TOTAL time(17s) hosts(2) TCP(5) 
UDP(0)       2005-11-11 09:59:09       10.1.10.6       unknown       IP        [input]      [input]     #1-(2-4653)     
  [snort] spp_portscan from 10.1.10.6: 5 connections across 2 hosts: TCP(5), UDP(0)       2005-11-11 09:58:20       
10.1.10.6       unknown       IP    

 

no clue what it does mean?  the destination IP is unknown and can anyone help me out?

 

Thanks,

 

John

                
---------------------------------
 Yahoo! FareChase - Search multiple travel sites in one click.

Current thread:

No clue? John Friedman (Nov 11)
- <Possible follow-ups>
- RE: No clue? John Friedman (Nov 11)
  - RE: No clue? John Friedman (Nov 15)
    - Re: No clue? Matt Kettler (Nov 15)
    - Re: No clue? John Friedman (Nov 15)
- RE: No clue? John Friedman (Nov 15)
- RE: No clue? Briggs, Bruce (Nov 15)
  - RE: No clue? John Friedman (Nov 15)
    - Re: No clue? Joel Esler (Nov 15)
- Re: No clue? John Friedman (Nov 15)
- Re: No clue? Joel Esler (Nov 15)

(Thread continues...)