Re: DoS

From: Nathan W. Labadie (
Date: 01/07/02

From: "Nathan W. Labadie" <>
To: <>
Date: Mon, 7 Jan 2002 14:22:22 -0500

We've been using snort with ACID as a front-end and MySQL as the
back-end with great success. ACID has a feature that allows you to
export the alerts as an email, along with any custom message. For us,
they look something like this:

The following logs are in the EDT timezone (GMT-5). Please investigate
and report back.

Thank you.

Nathan W. Labadie
Sr. Security Specialist
C&IT Security Office
Wayne State University

Generated by ACID v0.9.6b20 on Mon January 07, 2002 08:36:42

#1-3916| [2002-01-07 08:04:34] ->
[arachNIDS/24] RPC portmap request ttdbserv
#1-3921| [2002-01-07 08:08:27] ->
[arachNIDS/24] RPC portmap request ttdbserv
#1-3951| [2002-01-07 08:08:31] ->
[arachNIDS/24] RPC portmap request ttdbserv

More information can be found here:

On Monday 07 January 2002 11:23 am, you wrote:
> I'd like to know if there is anykind of software that can besides
> detecting DoS attack also report via any tool to Administrator and or
> ISP Abuse Email

Nathan W. Labadie       |	
Sr. Security Specialist | 313/577.2126
Wayne State University  | 313/577.1338 fax
C&IT Security Office: