http://www.anuzis.net/tcp0/ this directory on my webserver contains two files: snort.capture = a portion of a snort capture tcp.dump = a look at the content of the suspicious packets tcp source port zero, tcp destination port zero a stealth port scan about 2 minutes later on a single port from the same IP no nslookup or whois entry for the suspicious source IP _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 09:09:52 PST