Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Question on the NetBIOS rules and port 445 in general

From: Kevin Smith <kjsmith () tm net>
Date: Wed, 18 May 2005 11:30:23 -0400
Hi Ted,
Do you have any idea why only a small percentage of our end users are being flagged for this network activity? I noticed in the article it applies to Win2K and different server versions. However, a most of our customers are runing Win98 and other versions besides 2000. Plus, the only reason we notifications on this traffic is because the IP addresses are not connected to anything. Could anything else cause that kind of activity like a virus or some peice of spy-ware in your opinion? Thanks again and for the link to the MSKB article. 

Kevin

PS. Sorry admins who get this message. Wrong address. ;D


-------------------------------------------------------
This SF.Net email is sponsored by Oracle Space Sweepstakes
Want to be the first software developer in space?
Enter now for the Oracle Space Sweepstakes!
http://ads.osdn.com/?ad_id=7412&alloc_id=16344&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: