Submitted By | Date |
---|---|
Comment | |
jynx@icurnet.com | 2006-03-12 05:53:05 |
I have seen udp/3423 in my snort install at home. In my case it is a dst of 159.153.238.200 belonging to Electronic Arts. I have Battlefield 2 installed with their (mandatory) EA Downloader so I suspect this is the originator. I have a traffic dump if you want it just ask (quickly!). You may list the Name field if I am to receive public credit. Thanks! jynx p.s.- snort output from base follows: length = 508 |
CVE # | Description |
---|