Hi: I have searched for the docs to prelude-ids. I'm using LM 9.0 and can't seem to find any. Even the link to docs seems broken at www.prelude-ids.org.
Anybody knows what the following means: *** Wed Jul 2 09:43:46 2003 Plugin : ScanDetect Author : Yoann Vandoorselaere Contact : [EMAIL PROTECTED] description : Detect almost all kind of scanning. kind : Should be ok received : 1 time message : Udp scanning attempt: 43 cnx from port 1320 to 33823 in 20 seconds. Ether hdr : 0:7:84:84:c4:8 -> 0:a0:cc:a1:fc:75 [ether_type=ip (2048)] Ip hdr : 200.12.228.2 -> 200.91.120.78 [hl=20,version=4,tos=0,len=126,id=0,ttl=63] Udp hdr : 53 -> 33757 [len=106] Data hdr : size=98 bytes Data hexadecimal dump follow : bc ab 85 83 00 01 00 00 00 01 00 00 08 45 64 75 .............Edu 61 72 64 6f 53 06 73 69 6e 74 65 72 03 63 6f 6d ardoS.sinter.com 02 6e 69 00 00 01 00 01 c0 15 00 06 00 01 00 01 .ni............. 51 80 00 2e 02 6e 73 08 63 61 62 6c 65 6e 65 74 Q....ns.cablenet c0 1c 09 77 65 62 6d 61 73 74 65 72 c0 15 77 64 ...webmaster..wd 29 01 00 00 1c 20 00 00 1c 20 00 09 3a 80 00 01 ).... ... ..:... 51 80 Q. I would like to know what the threat is, who did it, from where, etc. Any help or pointers to docs would be appreciated. Thank you and regards. ===== -- Alfredo J. Cole http://www.acyc.com http://www.clshonduras.com __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com