snort - comprends pas
Bonjour,
J'ai reçu ça ce matin (c'est la première fois que je reçois un tel
message de mon pc) :
Events between 07 21 01:30:26 and 07 21 02:50:46
Total events: 4
Signatures recorded: 2
Source IP recorded: 2
Destination IP recorded: 2
Events from same host to same destination using same method
=========================================================================
# of from to method
=========================================================================
3 81.50.200.179 80.15.236.209 (http_inspect) NON-RFC HTTP DELIMITER
Percentage and number of events from a host to a destination
============================================================
% # of from to
============================================================
75.00 3 81.50.200.179 80.15.236.209
Percentage and number of events from one host to any with same method
==============================================================
% # of from method
==============================================================
75.00 3 81.50.200.179 (http_inspect) NON-RFC HTTP DELIMITER
Percentage and number of events to one certain host
=================================================================
% # of to method
=================================================================
75.00 3 80.15.236.209 (http_inspect) NON-RFC HTTP DELIMITER
The distribution of event methods
===============================================
% # of method
===============================================
75.00 3 (http_inspect) NON-RFC HTTP DELIMITER
3 81.50.200.179 -> 80.15.236.209
Je ne comprend pas ce que cela signifie. Quelqu'un sait-il ?
C'est grave docteur ?
Cordialement
Nicolas
--
=========================================
Nicolas Roudninski
nroudninski@wanadoo.fr
http://www.nicoroud.net
=========================================
Reply to: