|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: alexus (ml
db.nexgen.com)Date: Tue Jun 19 2001 - 18:10:07 CDT
un 19 19:05:26 box snort: spp_portscan: portscan status from 216.27.143.184:
2 connections across 1 hosts: TCP(1), UDP(1) STEALTH
Jun 19 19:05:26 box /kernel: Jun 19 19:05:26 box snort: spp_portscan:
portscan status from 216.27.143.184: 2 connections across 1 hosts: TCP(1),
UDP(1) STEALTH
Jun 19 19:05:30 box snort: spp_portscan: End of portscan from
216.27.143.184: TOTAL time(1s) hosts(1) TCP(1) UDP(1) STEALTH
Jun 19 19:05:30 box /kernel: Jun 19 19:05:30 box snort: spp_portscan: End of
portscan from 216.27.143.184: TOTAL time(1s) hosts(1) TCP(1) UDP(1) STEALTH
i'm geting this in my syslog like every other 10 minutes.. i know that ip is
not portscaning me 'cause i wouldn't portscan myself:)
any ideas what could cause that?
as far as i can tell i do have a bit of communication between my box and
that pc .. that's dns .. but then again why is it doing every 10 minutes?
and in snort.conf i put into var DNS_SERVERS i put this ip..
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]