Incident: 03-08-02 tcp:53 burst


55 packets between 21:05:08.197992 and 21:05:13.508534 -- about what? -- 5 seconds.

All ACK/SYN's

All TTL's decrement from 255 = Solaris 7

Win size 0x1020 = 4128 dec = ?

TCP options = 1, MSS = Solaris 7 or AIX

DgmLen = 44 = Solaris 7 or AIX

Every Seq # is one greater than its Ack #

All this seems to occur when I surf to certain web sites...

OK: so whois these guys?

216.35.167.58:

BW whois 2.9 by Bill Weinman (http://whois.bw.org/)
 1999-2001 William E. Weinman 

%rwhois V-1.5:001ab7:00 rwhois.exodus.net (Exodus Communications)
network:Class-Name:network
network:Auth-Area:0.0.0.0/0
network:Network-Name:216.35.167.56
network:IP-Network:216.35.167.56/30
network:Name;I:Joe DeFelice
network:Email;I:joe.defelice@mirror-image.net
network:Street;I:49 Dragon Court
network:City;I:Woburn
network:State;I:MA
network:Postal-Code;I:01801
network:Country-Code;I:USA


64.14.200.154:

Request: 64.14.200.154
connecting to whois.arin.net [63.146.182.182:43] ...
connecting to rwhois.exodus.net [64.41.251.179:4321] ...
%rwhois V-1.5:001ab7:00 rwhois.exodus.net (Exodus Communications)
network:Class-Name:network
network:Auth-Area:0.0.0.0/0
network:Network-Name:64.14.200.152
network:IP-Network:64.14.200.152/30
network:Name;I:Joe DeFelice
network:Email;I:joe.defelice@mirror-image.net
network:Street;I:49 Dragon Court
network:City;I:Woburn
network:State;I:MA
network:Postal-Code;I:01801
network:Country-Code;I:USA


129.250.244.10:

%rwhois V-1.5:0078b6:00 rwhois.verio.net (Vipar 0.1a. Comments to vipar@verio.net)
network:Class-Name:network
network:Auth-Area:129.250.240.0/21
network:ID:NETBLK-NET-INF-NUMBERED-INTERFACES.127.0.0.1/32
network:Handle:NETBLK-NET-INF-NUMBERED-INTERFACES
network:Network-Name:NET-INF-NUMBERED-INTERFACES
network:IP-Network:129.250.244.0/24
network:In-Addr-Server;I:C60-VRIO-HST.127.0.0.1/32
network:In-Addr-Server;I:U60-VRIO-HST.127.0.0.1/32
network:IP-Network-Block:129.250.244.0 - 129.250.244.255
network:Org-Name:NTT/Verio
network:Street-Address:1950 Stemmons Fwy
network:City:Dallas
network:State:TX
network:Postal-Code:75207
network:Country-Code:USA


209.157.68.18:

%rwhois V-1.5:0078b6:00 rwhois.verio.net (Vipar 0.1a. Comments to vipar@verio.net)
network:Class-Name:network
network:Auth-Area:209.157.64.0/21
network:ID:NETBLK-C053-209-157-68-16.127.0.0.1/32
network:Handle:NETBLK-C053-209-157-68-16
network:Network-Name:C053-209-157-68-16
network:IP-Network:209.157.68.16/29
network:In-Addr-Server;I:C60-VRIO-HST.127.0.0.1/32
network:In-Addr-Server;I:U60-VRIO-HST.127.0.0.1/32
network:IP-Network-Block:209.157.68.16 - 209.157.68.23
network:Org-Name:California Virtual Campus
network:Street-Address:10650 Bubb Rd,
network:City:Cupertino
network:State:CA
network:Postal-Code:95014
network:Country-Code:US


216.33.35.214:

Request: 216.33.35.214
connecting to whois.arin.net [192.149.252.22:43] ...
connecting to rwhois.exodus.net [64.41.251.179:4321] ...
%rwhois V-1.5:001ab7:00 rwhois.exodus.net (Exodus Communications)
network:Class-Name:network
network:Auth-Area:0.0.0.0/0
network:Network-Name:216.33.35.212
network:IP-Network:216.33.35.212/30
network:Name;I:Joe DeFelice
network:Email;I:joe.defelice@mirror-image.net
network:Street;I:49 Dragon Court
network:City;I:Woburn
network:State;I:MA


64.37.200.46:

%rwhois V-1.5:001ab7:00 rwhois.exodus.net (Exodus Communications)
network:Class-Name:network
network:Auth-Area:0.0.0.0/0
network:Network-Name:64.37.200.44
network:IP-Network:64.37.200.44/30
network:Name;I:Joe DeFelice
network:Email;I:joe.defelice@mirror-image.net
network:Street;I:49 Dragon Court
network:City;I:Woburn
network:State;I:MA
network:Postal-Code;I:01801
network:Country-Code;I:USA


128.121.10.146:

%rwhois V-1.5:0078b6:00 rwhois.verio.net (Vipar 0.1a. Comments to vipar@verio.net)
network:Class-Name:network
network:Auth-Area:128.121.0.0/19
network:ID:NETBLK-C052-128-121-10-144.127.0.0.1/32
network:Handle:NETBLK-C052-128-121-10-144
network:Network-Name:C052-128-121-10-144
network:IP-Network:128.121.10.144/29
network:In-Addr-Server;I:C60-VRIO-HST.127.0.0.1/32
network:In-Addr-Server;I:U60-VRIO-HST.127.0.0.1/32
network:IP-Network-Block:128.121.10.144 - 128.121.10.151
network:Org-Name:Mirror Image
network:Street-Address:49 Dragon Ct,
network:City:Woburn
network:State:MA
network:Postal-Code:01801
network:Country-Code:US

OK: you get the idea...

I put in a specific ipchains rule to return a REJECT, rather than a DENY:
# INPUT: REJECT tcp port :53 packets from anywhere: tcp:53 bursts
ipchains -A input -i $extint -p tcp -s any/0 -d $extip 53:53 -j REJECT -l
# rule 46 - 06/11/01

in hopes that sending back a RST would lessen the volume of this stuff (previously I had DENY'ed the packets, which just blackholes them), but it's hard to say that it's really worked.


snort packet capture:

03/08-21:05:08.197992 216.35.167.58:40614 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3497  Ack: 0xE1A3496  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.208060 64.14.200.154:37844 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x192F02A1  Ack: 0x192F02A0  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.218081 129.250.244.10:24556 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x2DE254B  Ack: 0x2DE254A  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.227999 209.157.68.18:31346 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xDF2F9BF  Ack: 0xDF2F9BE  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.228050 216.33.35.214:48438 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3CD4F0F  Ack: 0x3CD4F0E  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.267975 64.37.200.46:22809 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x109687F1  Ack: 0x109687F0  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.278002 128.121.10.146:32747 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x291B532  Ack: 0x291B531  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.287999 216.34.68.2:60597 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x9CBB14B7  Ack: 0x9CBB14B6  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.297994 213.248.75.42:16832 -> 12.82.141.194:53
TCP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3F62F5E  Ack: 0x3F62F5D  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.317976 213.248.69.78:46071 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3ED9755  Ack: 0x3ED9754  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.348008 64.56.174.186:31192 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xA6C469E2  Ack: 0xA6C469E1  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.598046 213.248.70.234:55375 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x618180D  Ack: 0x618180C  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 556 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.608040 194.213.64.150:13092 -> 12.82.141.194:53
TCP TTL:237 TOS:0x20 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x60A1FC6  Ack: 0x60A1FC5  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.618051 202.139.133.129:37246 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x7A5CFA51  Ack: 0x7A5CFA50  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.668038 203.194.166.182:59993 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x165F7C73  Ack: 0x165F7C72  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:08.678055 203.81.45.254:61290 -> 12.82.141.194:53
TCP TTL:236 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x28B400EB  Ack: 0x28B400EA  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:11.968360 213.248.75.42:17004 -> 12.82.141.194:53
TCP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3F6300A  Ack: 0x3F63009  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:11.968411 216.35.167.58:40614 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3497  Ack: 0xE1A3496  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:11.978436 209.157.68.18:31346 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xDF2F9BF  Ack: 0xDF2F9BE  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:11.988558 129.250.244.10:24556 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x2DE254B  Ack: 0x2DE254A  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:11.998687 64.14.200.154:37844 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x192F02A1  Ack: 0x192F02A0  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.008505 216.33.35.214:48438 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3CD4F0F  Ack: 0x3CD4F0E  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.038462 64.37.200.46:22809 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x109687F1  Ack: 0x109687F0  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.048508 128.121.10.146:32747 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x291B532  Ack: 0x291B531  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.058402 216.34.68.2:60597 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x9CBB14B7  Ack: 0x9CBB14B6  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.068398 213.248.75.42:16832 -> 12.82.141.194:53
TCP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3F62F5E  Ack: 0x3F62F5D  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.078394 213.248.69.78:46071 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3ED9755  Ack: 0x3ED9754  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.088417 64.56.174.186:31192 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xA6C469E2  Ack: 0xA6C469E1  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.088469 213.248.70.234:55375 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x618180D  Ack: 0x618180C  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 556 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.118378 194.213.64.150:13092 -> 12.82.141.194:53
TCP TTL:237 TOS:0x20 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x60A1FC6  Ack: 0x60A1FC5  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.128388 216.35.167.58:40758 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3527  Ack: 0xE1A3526  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.138381 209.157.68.18:31490 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xDF2FA4F  Ack: 0xDF2FA4E  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.138443 64.14.200.154:38011 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x192F0348  Ack: 0x192F0347  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.148416 129.250.244.10:24722 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x2DE25F1  Ack: 0x2DE25F0  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.158403 216.33.35.214:48605 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3CD4FB6  Ack: 0x3CD4FB5  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.168401 64.37.200.46:22976 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x10968898  Ack: 0x10968897  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.178390 128.121.10.146:32880 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x291B5B7  Ack: 0x291B5B6  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.188388 202.139.133.129:37246 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x7A5CFA51  Ack: 0x7A5CFA50  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.198393 216.34.68.2:60740 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x9CBB1546  Ack: 0x9CBB1545  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.208394 203.194.166.182:59993 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x165F7C73  Ack: 0x165F7C72  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.598421 213.248.69.78:46238 -> 12.82.141.194:53
TCP TTL:242 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3ED97FC  Ack: 0x3ED97FB  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.608442 64.56.174.186:31359 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xA6C46A89  Ack: 0xA6C46A88  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.618442 213.248.70.234:55542 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x61818B4  Ack: 0x61818B3  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 556 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.618494 194.213.64.150:13259 -> 12.82.141.194:53
TCP TTL:237 TOS:0x20 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x60A206D  Ack: 0x60A206C  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.678493 203.81.45.254:61290 -> 12.82.141.194:53
TCP TTL:236 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x28B400EB  Ack: 0x28B400EA  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.688506 202.139.133.129:37413 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x7A5CFAF8  Ack: 0x7A5CFAF7  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.698537 203.194.166.182:60160 -> 12.82.141.194:53
TCP TTL:239 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x165F7D1A  Ack: 0x165F7D19  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:12.708492 203.81.45.254:61457 -> 12.82.141.194:53
TCP TTL:236 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x28B40192  Ack: 0x28B40191  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.458490 216.33.35.214:48707 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x3CD501C  Ack: 0x3CD501B  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.468498 64.37.200.46:23078 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x109688FE  Ack: 0x109688FD  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.478495 128.121.10.146:32972 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x291B613  Ack: 0x291B612  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.488484 209.157.68.18:31576 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xDF2FAA5  Ack: 0xDF2FAA4  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.488536 129.250.244.10:24830 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x2DE265D  Ack: 0x2DE265C  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.498519 216.35.167.58:40842 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A357B  Ack: 0xE1A357A  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/08-21:05:13.508534 64.14.200.154:38121 -> 12.82.141.194:53
TCP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x192F03B6  Ack: 0x192F03B5  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+



===============================================================================

Snort processed 55 packets.
Breakdown by protocol:                Action Stats:

    TCP: 55         (100.000%)         ALERTS: 0         
    UDP: 0          (0.000%)          LOGGED: 0         
   ICMP: 0          (0.000%)          PASSED: 0         
    ARP: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 0          (0.000%)
===============================================================================
Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
   Rebuilt IP Packets: 0         
   Frag elements used: 0         
Discarded(incomplete): 0         
   Discarded(timeout): 0         
===============================================================================

TCP Stream Reassembly Stats:
   TCP Packets Used:      0          (0.000%)
   Reconstructed Packets: 0          (0.000%)
   Streams Reconstructed: 0         
===============================================================================
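
An added example (not part of the original notes): a short Python parser for Snort's ASCII packet dump that checks the observations listed at the top of this page against the capture. The four records used as sample input are copied from the capture above; the function names and the hop estimate (255 minus TTL, following the notes' inference of an initial TTL of 255) are assumptions of this example.

```python
import re
from collections import defaultdict

# Four records copied from the capture above, used as offline sample input.
SAMPLE = """\
03/08-21:05:08.197992 216.35.167.58:40614 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3497  Ack: 0xE1A3496  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536
03/08-21:05:08.598046 213.248.70.234:55375 -> 12.82.141.194:53
TCP TTL:241 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0x618180D  Ack: 0x618180C  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 556
03/08-21:05:11.968411 216.35.167.58:40614 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3497  Ack: 0xE1A3496  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536
03/08-21:05:12.128388 216.35.167.58:40758 -> 12.82.141.194:53
TCP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:44
***A**S* Seq: 0xE1A3527  Ack: 0xE1A3526  Win: 0x1020  TcpLen: 24
TCP Options (1) => MSS: 536
"""

RECORD = re.compile(
    r"(?P<ts>\d\d/\d\d-[\d:.]+) (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)\s+"
    r"TCP TTL:(?P<ttl>\d+) .*?DgmLen:(?P<dgmlen>\d+)\s+"
    r"(?P<flags>[\w*]{8}) Seq: (?P<seq>0x[0-9A-Fa-f]+)\s+Ack: (?P<ack>0x[0-9A-Fa-f]+)\s+"
    r"Win: (?P<win>0x[0-9A-Fa-f]+).*?MSS: (?P<mss>\d+)",
    re.S)

def parse(text):
    """Yield one dict per TCP record (with an MSS option) in Snort's ASCII dump."""
    for m in RECORD.finditer(text):
        d = m.groupdict()
        for k in ("sport", "dport", "ttl", "dgmlen", "mss"):
            d[k] = int(d[k])
        for k in ("seq", "ack", "win"):
            d[k] = int(d[k], 16)
        yield d

def summarize(text):
    """Check the page's observations and count per-source packets and repeats."""
    pkts = list(parse(text))
    seen = set()
    per_src = defaultdict(lambda: {"packets": 0, "retransmits": 0, "hops": None})
    for p in pkts:
        s = per_src[p["src"]]
        s["packets"] += 1
        s["hops"] = 255 - p["ttl"]  # assumption: initial TTL was 255
        key = (p["src"], p["sport"], p["seq"])
        if key in seen:  # same source port and sequence number: a repeat
            s["retransmits"] += 1
        seen.add(key)
    return {
        "total": len(pkts),
        "all_synack": all(p["flags"] == "***A**S*" for p in pkts),
        "seq_is_ack_plus_1": all(p["seq"] == (p["ack"] + 1) & 0xFFFFFFFF for p in pkts),
        "windows": sorted({p["win"] for p in pkts}),
        "mss": sorted({p["mss"] for p in pkts}),
        "per_src": dict(per_src),
    }
```

Fed the whole capture, the per-source retransmit count separates repeats of an earlier packet (for example 216.35.167.58:40614 at 21:05:08 and again at 21:05:11) from packets arriving on a new source port.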




jsage@finchhaven.com
Last modified: Fri Mar 8 22:53:12 2002