Snort mailing list archives

Previous By Date Next
Previous By Thread Next

cve cve[snort] MISC UPnP malformed advertisement ?!?!?!

From: Andre Cameron <andrec () cydock com>
Date: Sat, 05 Jul 2003 14:32:47 -0400
Hi,
My router is at 192.168.1.1 it is a Linksys and my server is at 192.168.1.111 and for some reason I keep getting these alerts (100's of em!)
#0-(1-2110) <http://cydock.gotdns.com:8090/acid/acid_qry_alert.php?submit=%230-%281-2110%29&sort_order=> cve bugtraq bugtraq cve[snort <http://www.snort.org/snort-db/sid.html?sid=1807>] WEB-MISC Transfer-Encoding: chunked 2003-07-05 18:33:15 192.168.1.111 <http://cydock.gotdns.com:8090/acid/acid_stat_ipaddr.php?ip=192.168.1.111&netmask=32>:8090 192.168.1.1 <http://cydock.gotdns.com:8090/acid/acid_stat_ipaddr.php?ip=192.168.1.1&netmask32>:39274 TCP #1-(1-2108) <http://cydock.gotdns.com:8090/acid/acid_qry_alert.php?submit=%231-%281-2108%29&sort_order=> cve cve[snort <http://www.snort.org/snort-db/sid.html?sid=1384>] MISC UPnP malformed advertisement 2003-07-05 18:32:57 192.168.1.1 <http://cydock.gotdns.com:8090/acid/acid_stat_ipaddr.php?ip=192.168.1.1&netmask=32>:1901 239.255.255.250 <http://cydock.gotdns.com:8090/acid/acid_stat_ipaddr.php?ip=239.255.255.250&netmask32>:1900 UDP
Any one have any clue whats making all these fals positives and get snort to stop? Is there an ignore file some where to put IP's to ignore? 

aNc



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: