Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Many of these IDS warnings in router security logs in the last few days, in specifics does anyone know what the different codes mean : i.e what the { S.A.U.P} {F.R.P} {F.A..} and {S.ARUP} that appear as the only differences in the attempts mean?. An explantiion of what is being attempted would be really helpful.
Thanks.
06:11:38 29 Jun
IDS proto parser : tcp null port (1 of 1) : 115.236.59.28 81.xxxxx 0060 TCP 0->0 [S.A.UP] seq 3029953125 ack 0 win 80
04:41:27 29 Jun
IDS proto parser : tcp null port (1 of 1) : 115.236.59.28 81.xxxxxxx 0060 TCP 0->0 [.F.R.P] seq 3029953125 win 80
03:05:55 29 Jun
IDS proto parser : tcp null port (1 of 1) : 115.236.59.28 81.xxxxx 0060 TCP 0->0 [.FA...] seq 3029953125 ack 0 win 80
02:56:43 29 Jun
IDS proto parser : tcp null port (1 of 1) : 115.236.59.28 81.xxxxxx 0060 TCP 0->0 [S.ARUP] seq 3029953125 ack 0 win 80
Back to top
