This preview shows page 6 - 8 out of 8 pages.

Introduction to Snort

Enjoy!

http://www.snort.org
http://www.whitehats.com

Output Examples

Ping

-*> Snort! <*-
Version 1.5.1
By Martin Roesch ([email protected], )
Decoding Ethernet on interface ed0

11/12-22:17:48.490312 ARP who-has 192.168.1.1 tell 192.168.1.2

11/12-22:17:48.490409 ARP reply 192.168.1.1 is-at 0:20:18:B8:FE:B

11/12-22:17:48.490746 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x62
192.168.1.2 -> 192.168.1.1 ICMP TTL:64 TOS:0x0 ID:5087
ID:52519 Seq:0 ECHO
3A 0F 5E 2D 00 09 FA 2F 08 09 0A 0B 0C 0D 0E 0F  :.^-.../........
10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F  ................
20 21 22 23 24 25 26 27 28 29 2A 2B 2C 2D 2E 2F   !"#$%&'()*+,-./
30 31 32 33 34 35 36 37                          01234567

11/12-22:17:48.490830 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x62
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:930
ID:52519 Seq:0 ECHO REPLY
3A 0F 5E 2D 00 09 FA 2F 08 09 0A 0B 0C 0D 0E 0F  :.^-.../........
10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F  ................
20 21 22 23 24 25 26 27 28 29 2A 2B 2C 2D 2E 2F   !"#$%&'()*+,-./
30 31 32 33 34 35 36 37                          01234567

Traceroute

-*> Snort! <*-
Version 1.5.1
By Martin Roesch ([email protected], )
Decoding Ethernet on interface ed0

11/12-22:18:29.612633 ARP who-has 192.168.1.1 tell 192.168.1.2

11/12-22:18:29.612733 ARP reply 192.168.1.1 is-at 0:20:18:B8:FE:B

11/12-22:18:29.613033 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:42959 -> 192.168.1.1:33435 UDP TTL:1 TOS:0x0 ID:42960 Len: 20
01 01 00 00 3A 0F 5E 56 00 0B CE 8F 00 00 00 00  ....:.^V........
00 00                                            ..

11/12-22:18:29.613117 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x46
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:933
DESTINATION UNREACHABLE: PORT UNREACHABLE
00 00 00 00 45 00 00 28 D0 A7 00 00 01 11 8E A1  ....E..(........
C0 A8 01 02 C0 A8 01 01 A7 CF 82 9B 00 14 00 00  ................

11/12-22:18:29.615732 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:42959 -> 192.168.1.1:33436 UDP TTL:1 TOS:0x0 ID:42961 Len: 20
02 01 00 00 3A 0F 5E 56 00 0B DB 35 00 00 00 00  ....:.^V...5....
00 00                                            ..

11/12-22:18:29.615788 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x46
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:934
DESTINATION UNREACHABLE: PORT UNREACHABLE
00 00 00 00 45 00 00 28 D1 A7 00 00 01 11 8E A0  ....E..(........
C0 A8 01 02 C0 A8 01 01 A7 CF 82 9C 00 14 00 00  ................

11/12-22:18:29.616745 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:42959 -> 192.168.1.1:33437 UDP TTL:1 TOS:0x0 ID:42962 Len: 20
03 01 00 00 3A 0F 5E 56 00 0B DF 3C 00 00 00 00  ....:.^V...<....
00 00                                            ..

11/12-22:18:29.616798 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x46
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:935
DESTINATION UNREACHABLE: PORT UNREACHABLE
00 00 00 00 45 00 00 28 D2 A7 00 00 01 11 8E 9F  ....E..(........
C0 A8 01 02 C0 A8 01 01 A7 CF 82 9D 00 14 00 00  ................

Telnet

-*> Snort! <*-
Version 1.5.1
By Martin Roesch ([email protected], )
Decoding Ethernet on interface ed0

11/12-22:20:09.234983 ARP who-has 192.168.1.1 tell 192.168.1.2

11/12-22:20:09.235079 ARP reply 192.168.1.1 is-at 0:20:18:B8:FE:B

11/12-22:20:09.235384 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x4A
192.168.1.2:1176 -> 192.168.1.1:23 TCP TTL:64 TOS:0x0 ID:5235 DF
S***** Seq: 0x6FFFFDB7 Ack: 0x0 Win: 0x7D78
TCP Options => MSS: 1460 SackOK TS: 649836 0 NOP WS: 0

11/12-22:20:09.235525 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x3A
192.168.1.1:23 -> 192.168.1.2:1176 TCP TTL:64 TOS:0x0 ID:1027 DF
S***A* Seq: 0x62E9DFFD Ack: 0x6FFFFDB8 Win: 0x4470
TCP Options => MSS: 1460

11/12-22:20:09.334644 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x6A
192.168.1.1:23 -> 192.168.1.2:1176 TCP TTL:64 TOS:0x10 ID:1036 DF
***PA* Seq: 0x62E9E073 Ack: 0x6FFFFE47 Win: 0x4470
0D 00 0D 0A 46 72 65 65 42 53 44 2F 69 33 38 36  ....FreeBSD/i386
20 28 62 73 64 6D 61 63 68 69 6E 65 29 20 28 74   (bsdmachine) (t
74 79 70 30 29 0D 00 0D 0A 0D 00 0D 0A 6C 6F 67  typ0)........log
69 6E 3A 20                                      in:

11/12-22:20:09.354517 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:1176 -> 192.168.1.1:23 TCP TTL:64 TOS:0x0 ID:5246 DF
****A* Seq: 0x6FFFFE47 Ack: 0x62E9E0A7 Win: 0x7D78
00 00 00 00 00 00                                ......
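
For triage of decoded output like the Traceroute capture above, the following added example (not part of the original document or of Snort) parses the packet header lines and groups low-TTL UDP probes by source. The function names, the TTL threshold and the 33434 base port (the conventional traceroute default) are assumptions of this sketch; the sample lines are copied from the capture above with the hex rows omitted.

```python
import re

# Header lines copied from the Traceroute output above (hex payload rows omitted).
SAMPLE = """\
11/12-22:18:29.613033 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:42959 -> 192.168.1.1:33435 UDP TTL:1 TOS:0x0 ID:42960 Len: 20
11/12-22:18:29.613117 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x46
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:933
DESTINATION UNREACHABLE: PORT UNREACHABLE
11/12-22:18:29.615732 0:5:2:62:E8:14 -> 0:20:18:B8:FE:B type:0x800 len:0x3C
192.168.1.2:42959 -> 192.168.1.1:33436 UDP TTL:1 TOS:0x0 ID:42961 Len: 20
11/12-22:18:29.615788 0:20:18:B8:FE:B -> 0:5:2:62:E8:14 type:0x800 len:0x46
192.168.1.1 -> 192.168.1.2 ICMP TTL:255 TOS:0x0 ID:934
DESTINATION UNREACHABLE: PORT UNREACHABLE
"""

TS = re.compile(r"^(\d\d/\d\d-\d\d:\d\d:\d\d\.\d{6}) ")
IP = re.compile(r"^(\d+(?:\.\d+){3})(?::(\d+))? -> (\d+(?:\.\d+){3})(?::(\d+))? "
                r"(TCP|UDP|ICMP) TTL:(\d+) TOS:(0x[0-9A-Fa-f]+) ID:(\d+)")
INFO = re.compile(r"^[A-Z][A-Z :]+$")   # e.g. the ICMP type/code text line

def parse(text):
    """Return one dict per decoded IP packet; ARP lines and hex rows are skipped."""
    packets, ts = [], None
    for line in text.splitlines():
        m = TS.match(line)
        if m:                       # link-layer line: remember its timestamp
            ts = m.group(1)
            continue
        m = IP.match(line)
        if m and ts:                # IP line that follows a timestamp line
            src, sport, dst, dport, proto, ttl, _tos, ipid = m.groups()
            packets.append({"ts": ts, "src": src, "dst": dst, "proto": proto,
                            "sport": sport and int(sport),
                            "dport": dport and int(dport),
                            "ttl": int(ttl), "id": int(ipid), "info": ""})
            ts = None
        elif packets and INFO.match(line):
            packets[-1]["info"] = line.strip()
    return packets

def traceroute_probes(packets, max_ttl=1, base_port=33434):
    """Group UDP probes with TTL <= max_ttl and port >= base_port by (src, dst)."""
    hits = {}
    for p in packets:
        if p["proto"] == "UDP" and p["ttl"] <= max_ttl and (p["dport"] or 0) >= base_port:
            hits.setdefault((p["src"], p["dst"]), []).append(p["dport"])
    return hits
```
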
  • Fall '15
  • EmanAbdu
  • Transmission Control Protocol, Internet Control Message Protocol, Intrusion prevention system, snort