|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: skop d'skop (skop
visto.com)Date: Tue Jun 05 2001 - 19:51:49 CDT
hi guys,
come across this alert lately for my network
[**] IDS10 - RPC - portmap-request-rstatd [**]
May 30 11:25:15 A.B.C.80:3348 -> X.Y.Z.9:111 SYN ******S*
May 30 11:25:16 A.B.C.80:726 -> X.Y.Z.9:111 UDP
May 20 11:25:15 A.B.C.80:3351 -> X.Y.Z.12:111 SYN ******S*
May 20 11:25:15 A.B.C.80:3352 -> X.Y.Z.13:111 SYN ******S*
May 20 11:25:16 208.131.80.80:727 -> X.Y.Z.13:111 UDP
and i'm wondering what kind of scanning / tool that trigger this alert.
i 've done with #rpcinfo -p hostname and #nmap -sU -sR hostname , yet no similiar output.
-skop
___________________________________________________________________________
Visit http://www.visto.com/info, your free web-based communications center.
Visto.com. Life on the Dot.
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]