From owner-freebsd-security Thu Mar 8 9:33:38 2001
Delivered-To: freebsd-security@freebsd.org
Received: from black.purplecat.net (ns1.purplecat.net [209.16.228.148])
    by hub.freebsd.org (Postfix) with ESMTP id C104F37B719
    for ; Thu, 8 Mar 2001 09:33:29 -0800 (PST)
    (envelope-from peter@black.purplecat.net)
Received: from localhost (peter@localhost)
    by black.purplecat.net (8.8.8/8.8.8) with ESMTP id MAA28013
    for ; Thu, 8 Mar 2001 12:35:47 -0500 (EST)
    (envelope-from peter@black.purplecat.net)
Date: Thu, 8 Mar 2001 12:35:47 -0500 (EST)
From: Peter Brezny
To: freebsd-security@freebsd.org
Subject: New to Snort.
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I'm new to using snort, and would like to know if this is the appropriate
place to ask questions about the alert logs it generates.

For example, what does all this mean?

[**] MISC source port 53 to <1023 [**]
03/08-05:16:23.823888 193.75.177.1:53 -> 209.16.228.148:53
UDP TTL:42 TOS:0x0 ID:54352 IpLen:20 DgmLen:61
Len: 41
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

Am I in big trouble?

Thanks in advance.

Peter Brezny

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message