7 Apr
2002
7 Apr
'02
08:38
have been poking about in my log files, and I came across this in the snort log: -=-=-=-=-==-=- Date: 04/06 21:59:10 Name: spp_bo: Back Orifice Traffic detected (key: 31337) Priority: n/a Type: n/a IP info: 193.152.242.145:1114 -> 213.93.174.231:31337 References: none found Date: 04/06 21:59:10 Name: BACKDOOR BackOrifice access Priority: 3 Type: Misc activity IP info: 193.152.242.145:1114 -> 213.93.174.231:31337 References: 1 -=-=-=-=-=-=-=- Maybe one of the Gurus on the list can enlighten me. As far as I know, Back Orifice is a Windows only problem. So, I am I correct in assuming that these two log entries are a record of someone scanning for for Back Orifice on my machine? C.