Changes between Version 4 and Version 5 of icasIII


Ignore:
Timestamp:
May 17, 2011, 5:33:20 PM (14 years ago)
Author:
waue
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • icasIII

    v4 v5  
    28281;100000160;2;COMMUNITY SIP TCP/IP message flooding directed to SIP proxy ;Attempted Denial of Service;2;05;17;08;30;21;140.110.138.191:24800;140.110.138.193:60347;TCP;
    2929}}}
    30 ==
     30
     31=
     32
    3133|| 1 || 2 || 3 || 4 || 5 || 6 || 7 || 8 || 9 || 10 || 11 || 12 || 13 || 14 ||
    3234|| 可能是網卡編號(不確定也沒用到); || snort警訊識別id ;  || sid的版本 ;  || 說明 ;  || 分類 ;  || 嚴重性(1最嚴重) ;  || 月 ;  || 日 ;  || 時 ;  || 分 ;  || 秒 ;  || 來源ip ;  || 目標ip ;  || 封包協定 ; ||
     35
     36= Idp8200 =
     37
     38{{{
     39#!text
     402003/8/11 13:05,140.113.130.221,0.0.0.0,Accepted,TCP,65432,'interface=eth2',FTP: Format String in Command,Major
     41
     422003/8/11 13:05,140.113.130.221,phe96.sro.nchc.org.tw,Accepted,TCP,65432,'interface=eth2',FTP: Format String in Command,Major
     43
     44}}}
     45
     46= NK7Admin=
     47
     48{{{
     49#!text
     501,TCP SYN,60.173.26.116,140.110.127.253,2011/3/1 14:41,1,6000,9415
     51
     522,UDP PORT SCAN,168.95.1.1,140.110.104.84,2011/3/1 14:41,1,53,34953
     53
     54}}}