ACID
 		Alert
Home
Search | AG Maintenance
[ Back ]

Queried DB on : Mon January 14, 2002 12:41:06
Meta Criteria Signature contains "DNS ...clear...
IP Criteria any
Layer 4 Criteria none
Payload Criteria any
Added 0 alert(s) to the Alert cache

Alert #50
Meta
ID # Time Triggered Signature
2 - 167321 2002-01-14 12:34:20 spp_dns(3): unknown DNS session traffic
Sensor name interface filter
12.34.56.78 hme0 none
Alert
Group		 none
IP
source addr dest addr Ver Hdr Len TOS length ID flags offset TTL chksum
12.34.56.78 211.168.99.136 4 5 0 56 20519 0 0 254 33411
FQDN Source Name Dest. Name
proxy.foo.com Unable to resolve address
Options none
UDP
source port dest port length
35625 53 36
Payload 
 length = 28

000 : E1 79 00 00 00 01 00 00 00 00 00 00 06 61 67 61   .y...........aga
010 : 73 68 65 03 63 6F 6D 00 00 1C 00 01               she.com.....

Action

[Loaded in 1 seconds]

ACID v0.9.6b19 ( by Roman Danyliw as part of the AirCERT project )

Hosted by www.Geocities.ws

1