Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: snort.org > snort-users > 03 > 031627.html (Request Expert snort.org Support)

[Snort-users] ACID snort_archive DB access and udp port 0 traffic

From: Jose Ramon Hernandez Macias <jhernandez(at)alestra.com.mx>
Date: Mon Mar 31 2003 - 10:59:09 EST


Hi,

Just two questions,

Could someone tell me how can I see or consult the content of the snort_archive database?, I would like to see what I´ve archived there. Do I need to re-configure ACID?

The other question I have is:
What could be a false positive for BAD TRAFFIC udp port 0 traffic ? I´ve read some Firewall-1 vulnerability but that´s all. I just would like to know what could be done with this?, I´ve detected 8 udp packets coming from the same source IP address and source port 53
to my both DNS Servers.on destination port 0.

What do you think?

Jose
"Rapidity is the essence of war: take advantage of the enemy´s unreadiness, make your way by unexpected routes, and attack unguarded spots." -- Sun Tzu

NOTA: La información de este correo es de propiedad exclusiva y confidencial. Este mensaje es sólo para el destinatario señalado, si usted no lo es, destrúyalo de inmediato. Ninguna información aquí contenida debe ser entendida como dada o avalada por Alestra, sus subsidiarias o sus empleados, salvo cuando ello expresamente se indique. Es responsabilidad de quien recibe este correo de asegurarse que esté libre de virus, por lo tanto ni Alestra, sus subsidiarias ni sus empleados aceptan responsabilidad alguna.

NOTE: The information in this email is proprietary and confidential. This message is for the designated recipient only, if you are not the intended recipient, you should destroy it immediately. Any information in this message shall not be understood as given or endorsed by Alestra, its subsidiaries or their employees, unless expressly so stated. It is the responsibility of the recipient to ensure that this email is virus free, therefore neither Alestra, its subsidiaries nor their employees accept any responsibility.


This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list Received on Mon Mar 31 14:57:15 2003
Do you need help?X

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 11:50:32 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library