From OSSEC Wiki

Log samples for Iplog

Some log samples for iplog.

Nov  9 16:24:47 TCP: ftp connection attempt from mail.derkeiler.com (195.140.232.116):52516
Nov  9 16:24:47 TCP: pptp connection attempt from mail.derkeiler.com (195.140.232.116):51624
Nov  9 16:24:47 TCP: domain connection attempt from mail.derkeiler.com (195.140.232.116):56341
Nov  9 16:24:47 TCP: ldaps connection attempt from mail.derkeiler.com (195.140.232.116):57057
Nov  9 16:24:47 TCP: https connection attempt from mail.derkeiler.com (195.140.232.116):2032
Nov  9 16:24:47 TCP: ldap connection attempt from mail.derkeiler.com (195.140.232.116):53716
Nov  9 16:24:47 TCP: rdp connection attempt from mail.derkeiler.com (195.140.232.116):62101
Nov  9 16:24:47 TCP: rtsp connection attempt from mail.derkeiler.com (195.140.232.116):60003
Nov  9 16:24:49 TCP: rtsp connection attempt from mail.derkeiler.com (195.140.232.116):58672
Nov  9 16:24:49 TCP: pptp connection attempt from mail.derkeiler.com (195.140.232.116):56416
Nov  9 16:24:49 TCP: rdp connection attempt from mail.derkeiler.com (195.140.232.116):50295
Nov  9 16:24:49 TCP: https connection attempt from mail.derkeiler.com (195.140.232.116):53896
Nov  9 16:24:49 TCP: ldap connection attempt from mail.derkeiler.com (195.140.232.116):65200
Nov  9 16:24:49 TCP: ftp connection attempt from mail.derkeiler.com (195.140.232.116):61067
Nov  9 16:24:49 TCP: port scan detected [ports 21,1723,53,636,443,389,3389,554] from mail.derkeiler.com (195.140.232.116) [ports 52516,51624$
Nov  9 16:26:39 TCP: port scan mode expired for mail.derkeiler.com (195.140.232.116) - received a total of 3308 packets (132320 bytes).