------------------------------------------------------------------------------
#(1 - 324625) [2010-05-11 05:15:55] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 91.121.85.146 hlen=5 TOS=0 dlen=316 ID=10027 flags=0 offset=0 TTL=113 chksum=60591
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(1 - 326419) [2010-05-12 07:46:06] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 91.121.85.146 hlen=5 TOS=0 dlen=316 ID=2823 flags=0 offset=0 TTL=113 chksum=2260
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(3 - 159988) [2010-05-13 01:00:45] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 94.23.207.114 hlen=5 TOS=0 dlen=316 ID=22463 flags=0 offset=0 TTL=115 chksum=15773
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(1 - 367178) [2010-06-21 04:35:29] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 91.121.85.146 hlen=5 TOS=0 dlen=316 ID=2318 flags=0 offset=0 TTL=114 chksum=2509
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(1 - 372706) [2010-06-27 01:50:07] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 91.121.85.146 hlen=5 TOS=0 dlen=316 ID=6826 flags=0 offset=0 TTL=111 chksum=64304
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(1 - 374352) [2010-06-27 21:24:10] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 91.121.85.146 hlen=5 TOS=0 dlen=316 ID=8028 flags=0 offset=0 TTL=113 chksum=62590
UDP: port=500 -> dport: 500 len=296
Payload: length = 288
------------------------------------------------------------------------------
#(3 - 200913) [2010-06-27 21:43:02] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE
IPv4: 131.107.0.96 -> 94.23.207.114 hlen=5 TOS=0 dlen=316 ID=11030 flags=0 offset=0 TTL=113 chksum=27718
UDP: port=500 -> dport: 500 len=296
Payload: length = 288