Chapter 2 Installing Snort and Getting Started
== Initialization Complete ==
*> Snort! <*
Version 1.9.0 (Build 209)
By Martin Roesch (roesch@sourcefire.com, www.snort.org)
05/27 12:11:10.063820 0:D0:59:6C:9:8B > FF:FF:FF:FF:FF:FF type:0x800
len:0xFC
192.168.1.100:138 > 192.168.1.255:138 UDP TTL:128 TOS:0x0 ID:48572
IpLen:20 DgmLen:238
Len: 218
11 0E 82 D5 C0 A8 01 64 00 8A 00 C4 00 00 20 46 .......d...... F
43 46 43 43 4E 45 4D 45 42 46 41 46 45 45 50 46 CFCCNEMEBFAFEEPF
41 43 41 43 41 43 41 43 41 43 41 43 41 41 41 00 ACACACACACACAAA.
20 41 42 41 43 46 50 46 50 45 4E 46 44 45 43 46 ABACFPFPENFDECF
43 45 50 46 48 46 44 45 46 46 50 46 50 41 43 41 CEPFHFDEFFPFPACA
42 00 FF 53 4D 42 25 00 00 00 00 00 00 00 00 00 B..SMB%.........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 11 00 00 2A 00 00 00 00 00 00 00 00 00 E8 .....*..........
03 00 00 00 00 00 00 00 00 2A 00 56 00 03 00 01 .........*.V....
00 01 00 02 00 3B 00 5C 4D 41 49 4C 53 4C 4F 54 .....;.\MAILSLOT
5C 42 52 4F 57 53 45 00 0C 00 A0 BB 0D 00 42 41 \BROWSE.......BA
54 54 4C 45 43 4F 57 53 00 00 00 00 01 00 03 0A TTLECOWS........
00 10 00 80 D4 FE 50 03 52 52 2D 4C 41 50 54 4F ......P.RR LAPTO
50 00 P.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
11/20 16:20:38.459702 0:D0:59:6C:9:8B > 0:50:BA:5E:EC:25 type:0x800
len:0x3C
192.168.1.100:2474 > 192.168.1.2:22 TCP TTL:128 TOS:0x0 ID:4506
IpLen:20 DgmLen:40 DF
***A**** Seq: 0x9DAEFD9C Ack: 0xF568E2FA Win: 0x3F20 TcpLen: 20
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
11/20 16:20:38.460728 0:50:BA:5E:EC:25 > 0:D0:59:6C:9:8B type:0x800
len:0x86
192.168.1.2:22 > 192.168.1.100:2474 TCP TTL:64 TOS:0x10 ID:57303
IpLen:20 DgmLen:120 DF
***AP*** Seq: 0xF568E34A Ack: 0x9DAEFD9C Win: 0x6BD0 TcpLen: 20
F9 7B 4B 96 3F C8 0A BC DF 9E EE 4F DA 27 6F B4 .{K.?......O. o.
92 BD A7 C5 1D E4 35 AB DB BF 7B 56 B9 F8 BA A1 ......5...{V....
86 BB FE 6E FD 41 55 FF D0 51 04 AF 73 80 13 29 ...n.AU..Q..s..)
D7 62 67 A4 B5 0C 5F 32 30 36 81 C2 9C 31 53 AD .bg..._206...1S.
3A 65 46 EE F1 52 59 ED 57 C7 6A 85 88 5A 3E D8 :eF..RY.W.j..Z>.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+