[Oisf-users] Another app layer log

Caesar Samsi cmsamsi at hotmail.com
Fri Jun 3 15:58:08 UTC 2016 

I also get tons of these and wondering what they are?

However, I also have a concern about a specific one:

06/03/2016-08:46:37.801027  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 209.85.214.69:34046 -> 192.168.1.2:25

Long log:

06/02/2016-13:10:21.537473  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:32821 -> 127.0.0.1:10024
06/02/2016-13:12:22.463823  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:32829 -> 127.0.0.1:10024
06/02/2016-13:14:23.431877  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:32835 -> 127.0.0.1:10024
06/02/2016-13:34:14.529482  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:56115 -> 127.0.0.1:10024
06/03/2016-08:42:35.443850  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:43569 -> 127.0.0.1:10024
06/03/2016-08:44:36.187599  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:43573 -> 127.0.0.1:10024
06/03/2016-08:46:36.519050  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 127.0.0.1:43577 -> 127.0.0.1:10024
06/03/2016-08:46:37.801027  [Drop] [**] [1:2260002:1] SURICATA Applayer Detect protocol only one direction [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 209.85.214.69:34046 -> 192.168.1.2:25

Thank you, Caesar.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160603/b6dc2def/attachment-0001.html>

More information about the Oisf-users mailing list