------------------------------------------------------------------------------
#(1 - 328255) [2010-05-13 14:01:14] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.76 -> 91.121.85.146
      hlen=5 TOS=0 dlen=556 ID=3387 flags=0 offset=0 TTL=51 chksum=17348
UDP: port=500 -> dport: 500 len=536
Payload: length = 528
------------------------------------------------------------------------------
#(3 - 160289) [2010-05-13 12:02:33] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.76 -> 94.23.207.114
      hlen=5 TOS=0 dlen=556 ID=25748 flags=0 offset=0 TTL=48 chksum=29420
UDP: port=500 -> dport: 500 len=536
Payload: length = 528
------------------------------------------------------------------------------
#(2 - 255818) [2010-06-03 13:45:49] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.76 -> 91.121.75.197
      hlen=5 TOS=0 dlen=556 ID=5507 flags=0 offset=0 TTL=47 chksum=18761
UDP: port=500 -> dport: 500 len=536
Payload: length = 528
------------------------------------------------------------------------------
#(3 - 184227) [2010-06-03 13:46:16] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.76 -> 94.23.207.114
      hlen=5 TOS=0 dlen=556 ID=11544 flags=0 offset=0 TTL=49 chksum=43368
UDP: port=500 -> dport: 500 len=536
Payload: length = 528