Changes between Version 37 and Version 38 of icasIII

Timestamp:

Jul 4, 2011, 3:25:48 PM (13 years ago)

Author:

waue

Comment:

--

icasIII

@@ -260 +260 @@
 輸入：
  || 0 @@  || 1 @@  || 2 @@  || 3 @@  || 4 @@  || 5 @@  || 6 @@  || 7 @@ ||  8 @@ || 
- ||  77.68.104.162->140.110.134.198 ||  p  ||  20110701_124104~20110701_130001 ||  [class] ||  [sid] ||  [(spp_ssh) Protocol mismatch ] || [ port ] || [ids] || 1429-1-1 || 
+ ||  77.68.104.162->140.110.134.198 ||  priority  || time~time ||  [class] ||  [sid] ||  [detail ] || [ port ] || [ids] || count || 
 
 輸出結果： sip @@ dip @@ port @@ time @@ detail @@ ids @@ count 
 
+ === 範例 ===
+ 
+{{{
+#!text
+111.165.17.16->phe96.sro.nchc.org.tw    @@1@@20030811_121000~20030811_121000@@[0]@@[0]@@[FTP: Format String in Command]@@[65432,555]@@[1,2,3]@@222-1-1
+112.78.196.214->140.110.110.4   @@1@@20030811_123000~20030811_123000@@[0]@@[0]@@[SSH: Pragma Fortress Key OverFlow]@@[22,999]@@[1]@@44-1-1
+112.78.196.214->140.110.111.11  @@2@@20030811_121800~20030811_121800@@[0]@@[0]@@[SSH: Pragma Fortress Key OverFlow]@@[22]@@[2]@@1-1-1
+112.78.196.214->140.110.113.131 @@3@@20030811_115400~20030811_115400@@[0]@@[0]@@[SSH: Pragma Fortress Key OverFlow]@@[22]@@[2]@@2-1-1
+}}}
+
+{{{
+#!text
+111.165.17.16@@phe96.sro.nchc.org.tw@@65432,555@@20030811_121000~20030811_121000@@FTP: Format String in Command@@snort,idp8200,nk7admin@@222
+112.78.196.214@@140.110.110.4@@22,999@@20030811_123000~20030811_123000@@SSH: Pragma Fortress Key OverFlow@@snort@@44
+}}}
+
  = 試算結果 =