cipherdyne.org

Michael Rash, Security Researcher

• Home
• Blog
• Software
• Author
• Contact

psad Trin00 Alert

=-=-=-=-=-=-=-=-=-=-=-= Sun Oct 24 22:13:34 2004 =-=-=-=-=-=-=-=-=-=-=-=


         Danger level: [2] (out of 5)

    Scanned udp ports: [31335: 1 packets, Nmap: -sU]
       Iptables chain: INPUT (prefix "DROP"), 1 packets

               Source: 192.168.10.2
                  DNS: [No reverse dns info available]

          Destination: 192.168.10.1
                  DNS: [No reverse dns info available]

      Syslog hostname: orthanc

     Current interval: Sun Oct 24 22:13:29 2004 (start)
                       Sun Oct 24 22:13:34 2004 (end)

   Overall scan start: Sat Oct 23 13:42:57 2004
   Total email alerts: 4
   Complete udp range: [31335]

   chain:   interface:   tcp:   udp:   icmp:
   INPUT    eth1         0      1      0


[+] udp scan signatures:

   "DDOS Trin00\:DaemontoMaster"
        sid=223 chain=INPUT packets=1 dp=31335 No local server on udp/31335

[+] Whois Information:

OrgName:    Internet Assigned Numbers Authority
OrgID:      IANA
Address:    4676 Admiralty Way, Suite 330
City:       Marina del Rey
StateProv:  CA
PostalCode: 90292-6695
Country:    US

NetRange:   192.168.0.0 - 192.168.255.255
CIDR:       192.168.0.0/16
NetName:    IANA-CBLK1
NetHandle:  NET-192-168-0-0-1
Parent:     NET-192-0-0-0-0
NetType:    IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment:    This block is reserved for special purposes.
Comment:    Please see RFC 1918 for additional information.
Comment:
RegDate:    1994-03-15
Updated:    2002-09-16

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName:   Internet Corporation for Assigned Names and Number
OrgAbusePhone:  +1-310-301-5820
OrgAbuseEmail:  abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName:   Internet Corporation for Assigned Names and Number
OrgTechPhone:  +1-310-301-5820
OrgTechEmail:  abuse@iana.org

# ARIN WHOIS database, last updated 2004-10-24 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

=-=-=-=-=-=-=-=-=-=-=-= Sun Oct 24 22:13:34 2004 =-=-=-=-=-=-=-=-=-=-=-=