View Single Post
BarryG BarryG is offline
Join Date: Jul 2001
Location: southern California
Posts: 12,066
#2 (permalink)  
Old 02-12-2012, 07:51 PM

I'm not seeing those alerts in my ips log at home (ASG 7.510), but I am seeing lots of:

2012:02:11-21:07:28 fw snort[8512]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="DNS TCP inverse query" group="241" srcip="" dstip="" proto="6" srcport="56965" dstport="53" sid="2922" class="Attempted Information Leak" priority="2"  generator="1" msgid="0" is my main PC (WinXP SP3)
and is Astaro

IT Consultant specializing in high-performance Web Infrastructure and Security.
Astaro End-user since v1.x
  • ASL 9.2x, HP DL360G5 - FW, IPS, VPNs
  • ASL 9.2x, 2 Dell 1950's as WAF/proxy w HA
  • UTM 9.1x, Atom n270, 2GB RAM, 2 Intel GigE
    Netgear GS108T gigE switch & Astaro AP30 Access Point with 4 VLANs.
    60/60mbit FiOS internet.
  • Pending - UTM 9.2x, i5-4670, 4GB RAM, 2 Intel GigE
    Needs new NIC drivers before deploying
Reply With Quote