psad FIN Scan Alert
=-=-=-=-=-=-=-=-=-=-=-= Mon Mar 13 13:28:39 2006 =-=-=-=-=-=-=-=-=-=-=-=
Danger level: [4] (out of 5)
Scanned tcp ports: [5-47557: 284 packets]
tcp flags: [FIN: 284 packets, Nmap: -sF]
Iptables chain: INPUT (prefix "DROP"), 284 packets
Source: 192.168.10.3
DNS: [No reverse dns info available]
Destination: 192.168.10.1
DNS: [No reverse dns info available]
Syslog hostname: minastirith
Current interval: Mon Mar 13 13:28:34 2006 (start)
                  Mon Mar 13 13:28:39 2006 (end)
Overall scan start: Mon Mar 13 13:28:02 2006
Total email alerts: 8
Complete tcp range: [1-65301]
chain:   interface:   tcp:   udp:   icmp:
INPUT    eth1         3296   0      0
[+] tcp scan signatures:
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=8009 flags=[FIN] No local server on tcp/8009
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=892 flags=[FIN] No local server on tcp/892
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=9152 flags=[FIN] No local server on tcp/9152
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1178 flags=[FIN] No local server on tcp/1178
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=525 flags=[FIN] No local server on tcp/525
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=609 flags=[FIN] No local server on tcp/609
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=84 flags=[FIN] No local server on tcp/84
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=161 flags=[FIN] No local server on tcp/161
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1993 flags=[FIN] No local server on tcp/1993
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1499 flags=[FIN] No local server on tcp/1499
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=872 flags=[FIN] No local server on tcp/872
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=714 flags=[FIN] No local server on tcp/714
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=5555 flags=[FIN] No local server on tcp/5555
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=744 flags=[FIN] No local server on tcp/744
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=4480 flags=[FIN] No local server on tcp/4480
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2025 flags=[FIN] No local server on tcp/2025
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=934 flags=[FIN] No local server on tcp/934
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=3001 flags=[FIN] No local server on tcp/3001
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1421 flags=[FIN] No local server on tcp/1421
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=700 flags=[FIN] No local server on tcp/700
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=978 flags=[FIN] No local server on tcp/978
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=742 flags=[FIN] No local server on tcp/742
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=157 flags=[FIN] No local server on tcp/157
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=275 flags=[FIN] No local server on tcp/275
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=65 flags=[FIN] No local server on tcp/65
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=515 flags=[FIN] No local server on tcp/515
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=968 flags=[FIN] No local server on tcp/968
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1535 flags=[FIN] No local server on tcp/1535
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=853 flags=[FIN] No local server on tcp/853
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1383 flags=[FIN] No local server on tcp/1383
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=15 flags=[FIN] No local server on tcp/15
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=431 flags=[FIN] No local server on tcp/431
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=724 flags=[FIN] No local server on tcp/724
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1506 flags=[FIN] No local server on tcp/1506
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2401 flags=[FIN] No local server on tcp/2401
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=926 flags=[FIN] No local server on tcp/926
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=5192 flags=[FIN] No local server on tcp/5192
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=662 flags=[FIN] No local server on tcp/662
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1357 flags=[FIN] No local server on tcp/1357
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=184 flags=[FIN] No local server on tcp/184
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=191 flags=[FIN] No local server on tcp/191
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1509 flags=[FIN] No local server on tcp/1509
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=178 flags=[FIN] No local server on tcp/178
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=224 flags=[FIN] No local server on tcp/224
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=187 flags=[FIN] No local server on tcp/187
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1366 flags=[FIN] No local server on tcp/1366
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=181 flags=[FIN] No local server on tcp/181
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=307 flags=[FIN] No local server on tcp/307
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=985 flags=[FIN] No local server on tcp/985
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=971 flags=[FIN] No local server on tcp/971
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=6668 flags=[FIN] No local server on tcp/6668
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=7001 flags=[FIN] No local server on tcp/7001
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1528 flags=[FIN] No local server on tcp/1528
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=159 flags=[FIN] No local server on tcp/159
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=160 flags=[FIN] No local server on tcp/160
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=8892 flags=[FIN] No local server on tcp/8892
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2603 flags=[FIN] No local server on tcp/2603
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1484 flags=[FIN] No local server on tcp/1484
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=117 flags=[FIN] No local server on tcp/117
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=372 flags=[FIN] No local server on tcp/372
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=5 flags=[FIN] No local server on tcp/5
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=852 flags=[FIN] No local server on tcp/852
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=195 flags=[FIN] No local server on tcp/195
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=643 flags=[FIN] No local server on tcp/643
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2042 flags=[FIN] No local server on tcp/2042
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=170 flags=[FIN] No local server on tcp/170
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=743 flags=[FIN] No local server on tcp/743
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=679 flags=[FIN] No local server on tcp/679
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=831 flags=[FIN] No local server on tcp/831
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=47557 flags=[FIN] No local server on tcp/47557
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=586 flags=[FIN] No local server on tcp/586
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=179 flags=[FIN] No local server on tcp/179
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=264 flags=[FIN] No local server on tcp/264
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=410 flags=[FIN] No local server on tcp/410
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1441 flags=[FIN] No local server on tcp/1441
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=240 flags=[FIN] No local server on tcp/240
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=676 flags=[FIN] No local server on tcp/676
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1413 flags=[FIN] No local server on tcp/1413
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=230 flags=[FIN] No local server on tcp/230
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=115 flags=[FIN] No local server on tcp/115
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=92 flags=[FIN] No local server on tcp/92
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=13709 flags=[FIN] No local server on tcp/13709
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=602 flags=[FIN] No local server on tcp/602
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=13714 flags=[FIN] No local server on tcp/13714
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=142 flags=[FIN] No local server on tcp/142
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=330 flags=[FIN] No local server on tcp/330
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=862 flags=[FIN] No local server on tcp/862
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=266 flags=[FIN] No local server on tcp/266
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=3456 flags=[FIN] No local server on tcp/3456
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=341 flags=[FIN] No local server on tcp/341
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2121 flags=[FIN] No local server on tcp/2121
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=419 flags=[FIN] No local server on tcp/419
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=931 flags=[FIN] No local server on tcp/931
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=663 flags=[FIN] No local server on tcp/663
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=564 flags=[FIN] No local server on tcp/564
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=5050 flags=[FIN] No local server on tcp/5050
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=41 flags=[FIN] No local server on tcp/41
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=881 flags=[FIN] No local server on tcp/881
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=312 flags=[FIN] No local server on tcp/312
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1451 flags=[FIN] No local server on tcp/1451
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=499 flags=[FIN] No local server on tcp/499
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=449 flags=[FIN] No local server on tcp/449
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=6346 flags=[FIN] No local server on tcp/6346
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=54 flags=[FIN] No local server on tcp/54
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=274 flags=[FIN] No local server on tcp/274
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=693 flags=[FIN] No local server on tcp/693
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=549 flags=[FIN] No local server on tcp/549
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=2026 flags=[FIN] No local server on tcp/2026
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=375 flags=[FIN] No local server on tcp/375
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=914 flags=[FIN] No local server on tcp/914
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=965 flags=[FIN] No local server on tcp/965
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=709 flags=[FIN] No local server on tcp/709
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=466 flags=[FIN] No local server on tcp/466
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=738 flags=[FIN] No local server on tcp/738
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=28 flags=[FIN] No local server on tcp/28
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=192 flags=[FIN] No local server on tcp/192
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=848 flags=[FIN] No local server on tcp/848
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=655 flags=[FIN] No local server on tcp/655
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=5803 flags=[FIN] No local server on tcp/5803
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=928 flags=[FIN] No local server on tcp/928
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=421 flags=[FIN] No local server on tcp/421
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=501 flags=[FIN] No local server on tcp/501
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=450 flags=[FIN] No local server on tcp/450
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1455 flags=[FIN] No local server on tcp/1455
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=22370 flags=[FIN] No local server on tcp/22370
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=962 flags=[FIN] No local server on tcp/962
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1465 flags=[FIN] No local server on tcp/1465
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1397 flags=[FIN] No local server on tcp/1397
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=235 flags=[FIN] No local server on tcp/235
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=7070 flags=[FIN] No local server on tcp/7070
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=782 flags=[FIN] No local server on tcp/782
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=436 flags=[FIN] No local server on tcp/436
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=10000 flags=[FIN] No local server on tcp/10000
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=146 flags=[FIN] No local server on tcp/146
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=44334 flags=[FIN] No local server on tcp/44334
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=4444 flags=[FIN] No local server on tcp/4444
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=1368 flags=[FIN] No local server on tcp/1368
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=296 flags=[FIN] No local server on tcp/296
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=745 flags=[FIN] No local server on tcp/745
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=832 flags=[FIN] No local server on tcp/832
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=164 flags=[FIN] No local server on tcp/164
"SCAN FIN"
sid=621 chain=INPUT packets=2 dp=493 flags=[FIN] No local server on tcp/493
[+] Whois Information:
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: IANA-CBLK1
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate: 1994-03-15
Updated: 2002-09-16
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
# ARIN WHOIS database, last updated 2006-03-12 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
=-=-=-=-=-=-=-=-=-=-=-= Mon Mar 13 13:28:39 2006 =-=-=-=-=-=-=-=-=-=-=-=