------------------------------------------------------------------------------ #(1 - 308090) [2010-04-27 17:19:01] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.85.146 hlen=5 TOS=0 dlen=556 ID=23518 flags=0 offset=0 TTL=48 chksum=63498 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 66 B7 91 5E 98 7F 88 E6 00 00 00 00 00 00 00 00 f..^.......... 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(2 - 240571) [2010-04-27 17:36:04] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.75.197 hlen=5 TOS=0 dlen=556 ID=4493 flags=0 offset=0 TTL=47 chksum=19753 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 7B 81 CD D4 44 8B E8 30 00 00 00 00 00 00 00 00 {...D..0........ 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(2 - 248962) [2010-05-18 16:26:33] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.75.197 hlen=5 TOS=0 dlen=556 ID=10478 flags=0 offset=0 TTL=48 chksum=13512 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 28 92 DE 1B F6 54 4B 80 00 00 00 00 00 00 00 00 (....TK......... 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(2 - 249607) [2010-05-20 16:29:24] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.75.197 hlen=5 TOS=0 dlen=556 ID=7268 flags=0 offset=0 TTL=48 chksum=16722 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 3D 0F 59 4A AF 27 6B BC 00 00 00 00 00 00 00 00 =.YJ.'k......... 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(1 - 364971) [2010-06-18 16:32:22] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.85.146 hlen=5 TOS=0 dlen=556 ID=6560 flags=0 offset=0 TTL=49 chksum=14665 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 91 51 28 70 88 E6 12 20 00 00 00 00 00 00 00 00 .Q(p... ........ 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(2 - 263205) [2010-06-18 16:51:46] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 91.121.75.197 hlen=5 TOS=0 dlen=556 ID=4677 flags=0 offset=0 TTL=49 chksum=19057 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : 5C 72 26 33 A2 E6 C2 60 00 00 00 00 00 00 00 00 \r&3...`........ 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R ------------------------------------------------------------------------------ #(3 - 194366) [2010-06-18 16:34:43] [local/1000002] [snort/1:1000002] LOCAL Inbound Traffic to Unused UDP Ports -- BLOCKING SOURCE IPv4: 131.107.0.98 -> 94.23.207.114 hlen=5 TOS=0 dlen=556 ID=5242 flags=0 offset=0 TTL=50 chksum=49392 UDP: port=500 -> dport: 500 len=536 Payload: length = 528 000 : FF EA 09 A1 3B 74 AF 55 00 00 00 00 00 00 00 00 ....;t.U........ 010 : 01 10 02 00 00 00 00 00 00 00 02 10 0D 00 01 64 ...............d 020 : 00 00 00 01 00 00 00 01 00 00 01 58 01 01 00 08 ...........X.... 030 : 03 00 00 30 01 01 00 00 80 01 00 05 80 02 00 02 ...0............ 040 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 050 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 060 : 03 00 00 30 02 01 00 00 80 01 00 05 80 02 00 01 ...0............ 070 : 80 04 00 02 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 080 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 090 : 03 00 00 30 03 01 00 00 80 01 00 01 80 02 00 02 ...0............ 0a0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0b0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0c0 : 03 00 00 30 04 01 00 00 80 01 00 01 80 02 00 01 ...0............ 0d0 : 80 04 00 01 80 03 FD E9 80 0B 00 01 00 0C 00 04 ................ 0e0 : 00 00 1C 20 40 00 00 08 49 00 4B 00 45 00 00 00 ... @...I.K.E... 0f0 : 03 00 00 24 05 01 00 00 80 01 00 05 80 02 00 02 ...$............ 100 : 80 04 00 02 80 03 00 03 80 0B 00 01 00 0C 00 04 ................ 110 : 00 00 1C 20 03 00 00 24 06 01 00 00 80 01 00 05 ... ...$........ 120 : 80 02 00 01 80 04 00 02 80 03 00 03 80 0B 00 01 ................ 130 : 00 0C 00 04 00 00 1C 20 03 00 00 24 07 01 00 00 ....... ...$.... 140 : 80 01 00 01 80 02 00 02 80 04 00 01 80 03 00 03 ................ 150 : 80 0B 00 01 00 0C 00 04 00 00 1C 20 00 00 00 24 ........... ...$ 160 : 08 01 00 00 80 01 00 01 80 02 00 01 80 04 00 01 ................ 170 : 80 03 00 03 80 0B 00 01 00 0C 00 04 00 00 1C 20 ............... 180 : 0D 00 00 18 1E 2B 51 69 05 99 1C 7D 7C 96 FC BF .....+Qi...}|... 190 : B5 87 E4 61 00 00 00 08 0D 00 00 14 4A 13 1C 81 ...a........J... 1a0 : 07 03 58 45 5C 57 28 F2 0E 95 45 2F 0D 00 00 14 ..XE\W(...E/.... 1b0 : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{. 1c0 : 0D 00 00 14 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F ....@H..n...%. 1d0 : 00 D6 C2 D3 0D 00 00 14 FB 1D E3 CD F3 41 B7 EA .............A.. 1e0 : 16 B7 E5 BE 08 55 F1 20 0D 00 00 14 26 24 4D 38 .....U. ....&$M8 1f0 : ED DB 61 B3 17 2A 36 E3 D0 CF B8 19 00 00 00 14 ..a..*6......... 200 : E3 A5 96 6A 76 37 9F E7 07 22 82 31 E5 CE 86 52 ...jv7...".1...R