[**] [125:7:1] (ftp_telnet) FTP traffic encrypted [**] [Priority: 3] 08/16-00:54:18.767326 201.239.227.163:21 -> 192.168.1.102:4445 TCP TTL:112 TOS:0x0 ID:2509 IpLen:20 DgmLen:210 DF ***AP*** Seq: 0x119B3CAE Ack: 0xAE4F3A6C Win: 0x104 TcpLen: 32 TCP Options (3) => NOP NOP TS: 288650 525795935
[**] [122:2:0] (portscan) TCP Decoy Portscan [**] [Priority: 3] 08/16-09:01:25.785685 81.77.193.161 -> 192.168.1.102 PROTO:255 TTL:0 TOS:0x0 ID:0 IpLen:20 DgmLen:171 DF
[**] [116:54:1] (snort_decoder): Tcp Options found with bad lengths [**] [Priority: 3] 08/16-09:05:20.806428 24.148.102.31:6881 -> 192.168.1.102:3005 TCP TTL:43 TOS:0x0 ID:12482 IpLen:20 DgmLen:1420 DF ***AP*** Seq: 0xC169DB5D Ack: 0xB1EF99C7 Win: 0xFFFF TcpLen: 32
[**] [116:55:1] (snort_decoder): Truncated Tcp Options [**] [Priority: 3] 08/16-09:05:22.255822 24.148.102.31:6881 -> 192.168.1.102:3005 TCP TTL:43 TOS:0x0 ID:12506 IpLen:20 DgmLen:1420 DF ***AP*** Seq: 0xC169F0ED Ack: 0xB1EF99C7 Win: 0xFFFF TcpLen: 32
[**] [122:3:0] (portscan) TCP Portsweep [**] [Priority: 3] 08/16-09:08:10.280402 192.168.1.102 -> 81.227.152.202 PROTO:255 TTL:0 TOS:0x0 ID:31795 IpLen:20 DgmLen:165
[**] [1:485:5] ICMP Destination Unreachable Communication Administratively Prohibited [**] [Classification: Misc activity] [Priority: 3] 08/16-09:08:18.350637 77.184.199.118 -> 192.168.1.102 ICMP TTL:46 TOS:0x0 ID:52551 IpLen:20 DgmLen:56 Type:3 Code:13 DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED, PACKET FILTERED ** ORIGINAL DATAGRAM DUMP: 192.168.1.102:10269 -> 77.184.199.118:44959 TCP TTL:47 TOS:0x0 ID:52551 IpLen:20 DgmLen:60 DF Seq: 0xE908DEED ** END OF DUMP
[**] [1:524:8] BAD-TRAFFIC tcp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] 08/16-09:23:35.403995 192.168.1.102:24527 -> 71.57.33.223:0 TCP TTL:64 TOS:0x0 ID:13496 IpLen:20 DgmLen:60 DF ******S* Seq: 0x4298A764 Ack: 0x0 Win: 0x16D0 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 533435356 0 NOP WS: 6