Date:      Thu, 8 Mar 2001 14:40:30 -0600 (CST)
From:      Nick Rogness <nick@rogness.net>
To:        Peter Brezny <peter@black.purplecat.net>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: New to Snort.
Message-ID:  <Pine.BSF.4.21.0103081436270.74800-100000@cody.jharris.com>
In-Reply-To: <Pine.BSF.4.05.10103081233130.27988-100000@black.purplecat.net>


On Thu, 8 Mar 2001, Peter Brezny wrote:

> I'm new to using snort, and would like to know if this is the appropriate
> place to ask questions about the alert logs it generates.

	Send questions to snort-users@lists.sourceforge.net (mailing
	list).

> 
> For example, what does all this mean?
> 
> [**] MISC source port 53 to <1023 [**]
> 03/08-05:16:23.823888 193.75.177.1:53 -> 209.16.228.148:53
> UDP TTL:42 TOS:0x0 ID:54352 IpLen:20 DgmLen:61
> Len: 41

	That is a packet from your network to another machine.  It just
	happens to be a DNS packet (UDP) and the other numbers are just
	the packet header info.


> 
> Am I in big trouble?

	No.  You can check out http://www.snort.org for more info.


Nick Rogness <nick@rogness.net>
- Keep on routing in a Free World...  
  "FreeBSD: The Power to Serve!"
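
Added example, not part of the original message: a small Python parser for the alert layout quoted in this thread, splitting it into the rule message, the flow line and the packet header fields. The function names are illustrative assumptions; the sample input is the alert text from the thread.

```python
import re

# Sample alert copied from the quoted message in this thread.
SAMPLE = """\
[**] MISC source port 53 to <1023 [**]
03/08-05:16:23.823888 193.75.177.1:53 -> 209.16.228.148:53
UDP TTL:42 TOS:0x0 ID:54352 IpLen:20 DgmLen:61
Len: 41
"""

MSG_RE = re.compile(r"^\[\*\*\]\s*(?P<msg>.*?)\s*\[\*\*\]$")
FLOW_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)$"
)
KV_RE = re.compile(r"(\w+):\s*(\S+)")
INT_KEYS = {"TTL", "ID", "IpLen", "DgmLen", "Len"}


def parse_alert(text):
    """Parse one alert block (message, flow line, header lines) into a dict."""
    lines = [l.strip() for l in text.strip().splitlines() if l.strip()]
    if len(lines) < 3:
        raise ValueError("expected message, flow and header lines")
    msg, flow = MSG_RE.match(lines[0]), FLOW_RE.match(lines[1])
    if not msg or not flow:
        raise ValueError("not an alert in the layout shown on this page")
    alert = {"msg": msg["msg"], **flow.groupdict()}
    alert["sport"], alert["dport"] = int(alert["sport"]), int(alert["dport"])
    # Third line starts with the protocol name, followed by KEY:VALUE pairs.
    proto, _, rest = lines[2].partition(" ")
    alert["proto"] = proto
    for key, val in KV_RE.findall(rest + " " + " ".join(lines[3:])):
        alert[key] = int(val) if key in INT_KEYS else val
    return alert


def lengths_consistent(alert):
    """True when IP header length plus the Len field equals the datagram length."""
    return alert["IpLen"] + alert["Len"] == alert["DgmLen"]


if __name__ == "__main__":
    a = parse_alert(SAMPLE)
    print(a, lengths_consistent(a))
```

For the sample alert, IpLen (20) plus Len (41) equals DgmLen (61), so the length fields agree with each other.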


