[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] OSSEC Notification - enigma - Alert level 10

To: <dancid@xxxxxxxxxxxxxxx>
Subject: [ossec-dev] OSSEC Notification - enigma - Alert level 10
From: OSSEC HIDS <ossecm@xxxxxxxxx>
Date: Sat, 09 Jun 2007 21:02:49 ADT

OSSEC HIDS Notification.
2007 Jun 09 21:02:37

Received From: enigma->192.168.2.15
Rule: 4151 fired (level 10) -> "Multiple Firewall drop events from same source."
Portion of the log(s):

%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/137 to outside:192.168.2.255/netbios-ns
%PIX-7-710005: UDP request discarded from 192.168.2.26/138 to outside:192.168.2.255/netbios-dgm



 --END OF NOTIFICATION

Follow-Ups:
- [ossec-dev] Re: OSSEC Notification - enigma - Alert level 10
  - From: Daniel Cid

Prev by Date: [ossec-dev] Remote log injection paper
Next by Date: [ossec-dev] Re: OSSEC Notification - enigma - Alert level 10
Previous by thread: [ossec-dev] Remote log injection paper
Next by thread: [ossec-dev] Re: OSSEC Notification - enigma - Alert level 10
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.