[Silicon Defense logo]

SnortSnarf summary page

Top 9 source IPs

SnortSnarf v020516.1

Signature section (54)Top 20 source IPsTop 20 dest IPs

This page provides summary information about alerts acquired using input module SnortFileInput, with sources:

The most active source IPs are shown. Rank is determined by the number of alerts with that IP as the source. Within a rank, IPs are sorted by # of signatures, then by IP number.

RankTotal # AlertsSource IP# Signatures triggeredDestinations involved
rank #136 alerts(no IP)2 signatures(no IP)
rank #28 alerts68.142.251.1491 signatures192.168.1.2
rank #34 alerts65.54.188.781 signatures192.168.1.2
rank #41 alerts61.197.124.1191 signatures192.168.1.2
66.249.64.151 signatures192.168.1.2
192.5.4.1461 signatures192.168.1.2
202.12.29.601 signatures192.168.1.2
209.133.23.1511 signatures192.168.1.2
217.212.224.1411 signatures192.168.1.2

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Sat Jul 23 22:10:13 2005