#(1 - 299185) [2010-04-19 07:16:53] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 91.121.85.146
      hlen=5 TOS=0 dlen=400 ID=26131 flags=0 offset=0 TTL=47 chksum=61325
UDP:  port=500 -> dport: 500 len=380
Payload: length = 372
------------------------------------------------------------------------------
#(1 - 335503) [2010-05-19 16:48:50] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 91.121.85.146
      hlen=5 TOS=0 dlen=500 ID=7759 flags=0 offset=0 TTL=49 chksum=13550
UDP:  port=500 -> dport: 500 len=480
Payload: length = 472
------------------------------------------------------------------------------
#(2 - 249290) [2010-05-19 15:48:19] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 91.121.75.197
      hlen=5 TOS=0 dlen=400 ID=27287 flags=0 offset=0 TTL=49 chksum=62166
UDP:  port=500 -> dport: 500 len=380
Payload: length = 372
------------------------------------------------------------------------------
#(1 - 363623) [2010-06-16 07:56:38] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 91.121.85.146
      hlen=5 TOS=0 dlen=400 ID=3424 flags=0 offset=0 TTL=47 chksum=18497
UDP:  port=500 -> dport: 500 len=380
Payload: length = 372
------------------------------------------------------------------------------
#(1 - 377458) [2010-06-29 13:25:03] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 91.121.85.146
      hlen=5 TOS=0 dlen=400 ID=1416 flags=0 offset=0 TTL=50 chksum=19737
UDP:  port=500 -> dport: 500 len=380
Payload: length = 372
------------------------------------------------------------------------------
#(3 - 190255) [2010-06-12 08:29:49] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.70 -> 94.23.207.114
      hlen=5 TOS=0 dlen=500 ID=8759 flags=0 offset=0 TTL=52 chksum=45447
UDP:  port=500 -> dport: 500 len=480
Payload: length = 472