[Bro] Just a head up -- there may be a bug in PF_RING/libpcap return bad time values when there are dropped pacckets
William Jones
jones at tacc.utexas.edu
Thu Nov 17 09:54:29 PST 2011
- - -
1321520562.720025 VD19UEezKk4 xxx.xxx.xxx.xxx 54612 xxx.xxx.xx.xx 22 SSH::Login Heuristically detected successful SSH login. - xxx.xxx.xxx.xxx 129.114.53.21 22 - worker-1 Notice::ACTION_LOG 6 3600.000000 - - - - - - - - -
1.629801e+18 9gzmxQTXPJ3 xxx.xxx.xxx.xx 2055 129.114.50.164 22 SSH::Login Heuristically detected successful SSH login. - xxx.xxx.xxx.xx 129.114.50.164 22 - worker-9 Notice::ACTION_LOG 6 3600.000000 - - - - - - - - -
1.629801e+18 3tlmhveEq7i xxx.xxx.xxx.xx 14870 129.114.53.22 22 SSH::Login Heuristically detected successful SSH login. - xxx.xxx.xxx.xxx 129.114.53.22 22 - worker-9 Notice::ACTION_LOG 6 3600.000000 - - - - - - - - -
1.629801e+18 woMMKkdCqBf xxx.xxx.xxx.xxx 14872 129.114.53.22 22 SSH::Login Heuristically detected successful SSH login. - xxx.xxx.xxx.xxx 129.114.53.22 22 - worker-9 Notice::ACTION_LOG 6 3600.000000 - - - - - - - - -
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20111117/9bbaa71e/attachment.html
More information about the Bro
mailing list