Mailinglist Archive: opensuse-security (556 mails)

[Markus Kohli <kohli@xxxxxxxxxx>]

Hi together!

I just figured out how to run snort (altough it doesn't start at boot-up,
hell knows why...).
Now it keeps telling me, that there is a portscan against myself from my
machine running.
Look at this:
[**] [100:1:1] spp_portscan: PORTSCAN DETECTED from 10.0.3.19 (THRESHOLD 4
connections exceeded in 7 seconds) [**]
09/24-23:52:42.477424 

[**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 6 connections
across 6 hosts: TCP(5), UDP(1) [**]
09/24-23:53:58.678712 

[**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 1 connections
across 1 hosts: TCP(0), UDP(1) [**]
09/24-23:54:03.679551 

[**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 1 connections
across 1 hosts: TCP(0), UDP(1) [**]
09/24-23:54:08.689307 

[**] [100:2:1] spp_portscan: portscan status from 10.0.3.19: 2 connections
across 2 hosts: TCP(1), UDP(1) [**]
09/24-23:55:00.534798 

And I swear, I'm not running any nmap or anything similar, and haven't been
running since the last reboot...
Could anybody help me please?

TIA

kind regards

markus