|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Snort (about large-udp attack)
From: JW Oh (mat
IVNTECH.COM)Date: Mon Jul 10 2000 - 03:32:37 CDT
- Next message: gabriel rosenkoetter: "Re: tin.it and others non collaborative isps."
- Previous message: Pavel Lozhkin: "Re: scan log and subsequent response from the host's ISP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I run snort these days...
And I've found some messages like this.
[**] IDS247/large-udp [**]
07/10-17:31:56.640983 0:D0:58:AD:3E:8B -> 0:50:BF:1C:8A:D5 type:0x800
len:0x536
xx.xx.xx.xx:4244 -> xx.xx.xx.xx:2546 UDP TTL:122 TOS:0x0 ID:6536
Len: 1296
What kind of attack can it be?
Or what kind of traffic?
TIA
- Next message: gabriel rosenkoetter: "Re: tin.it and others non collaborative isps."
- Previous message: Pavel Lozhkin: "Re: scan log and subsequent response from the host's ISP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]