psad Trin00 Alert
=-=-=-=-=-=-=-=-=-=-=-= Sun Oct 24 22:13:34 2004 =-=-=-=-=-=-=-=-=-=-=-=
Danger level: [2] (out of 5)
Scanned udp ports: [31335: 1 packets, Nmap: -sU]
Iptables chain: INPUT (prefix "DROP"), 1 packets
Source: 192.168.10.2
DNS: [No reverse dns info available]
Destination: 192.168.10.1
DNS: [No reverse dns info available]
Syslog hostname: orthanc
Current interval: Sun Oct 24 22:13:29 2004 (start)
                  Sun Oct 24 22:13:34 2004 (end)
Overall scan start: Sat Oct 23 13:42:57 2004
Total email alerts: 4
Complete udp range: [31335]
chain:   interface:   tcp:   udp:   icmp:
INPUT    eth1         0      1      0
[+] udp scan signatures:
"DDOS Trin00\:DaemontoMaster"
sid=223 chain=INPUT packets=1 dp=31335 No local server on udp/31335
[+] Whois Information:
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: IANA-CBLK1
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate: 1994-03-15
Updated: 2002-09-16
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
# ARIN WHOIS database, last updated 2004-10-24 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
=-=-=-=-=-=-=-=-=-=-=-= Sun Oct 24 22:13:34 2004 =-=-=-=-=-=-=-=-=-=-=-=