Security Incidents mailing list archives
suspicious packets
From: "Michael Anuzis" <michael_anuzis () hotmail com>
Date: Wed, 30 Jan 2002 22:39:15 -0500
http://www.anuzis.net/tcp0/ this directory on my webserver contains two files: snort.capture = a portion of a snort capture tcp.dump = a look at the content of the suspicious packets tcp source port zero, tcp destination port zero a stealth port scan about 2 minutes later on a single port from the same IP no nslookup or whois entry for the suspicious source IP _________________________________________________________________MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- suspicious packets Michael Anuzis (Jan 31)