2010:01:02-10:06:39 acenn snort[6151]: | Match Lists : 20.38M 2010:01:02-10:06:39 acenn snort[6151]: | Transitions : 39.77M 2010:01:02-10:06:39 acenn snort[6151]: +------------------------------------------------- 2010:01:02-10:06:39 acenn snort[6151]: 2010:01:02-10:06:39 acenn snort[6151]: --== Initialization Complete ==-- 2010:01:02-10:06:39 acenn snort[6151]: Snort initialization completed successfully (pid=6151) 2010:01:02-10:06:39 acenn snort[6151]: Not Using PCAP_FRAMES 2010:01:02-10:06:39 acenn snort[6151]: snort_nfq_open: using queue id 0 2010:01:02-10:06:39 acenn snort[6151]: backend 'nfqueue' initialized 2010:01:02-12:31:43 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1249" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-13:37:36 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1042" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-13:37:42 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1045" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:03:24 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1039" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:04:22 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1045" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:04:22 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1046" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:05:21 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1049" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:16:25 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1209" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-14:32:46 acenn snort[6151]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="SPYWARE-PUT Trackware funwebproducts mywebsearchtoolbar-funtools runtime detection" group="500" srcip="192.168.2.201" dstip="209.85.231.99" proto="6" srcport="1461" dstport="80" sid="7567" class="Information Leak" priority="2" generator="1" msgid="0" 2010:01:02-18:21:01 (none) snort[4753]: Enabling inline operation 2010:01:02-18:21:01 (none) snort[4753]: NFQUEUE ID set to: 0 2010:01:02-18:21:01 (none) snort[4753]: Running in IDS mode 2010:01:02-18:21:01 (none) snort[4753]: 2010:01:02-18:21:01 (none) snort[4753]: --== Initializing Snort ==-- 2010:01:02-18:21:01 (none) snort[4753]: Initializing Output Plugins! 2010:01:02-18:21:01 (none) snort[4753]: Initializing Preprocessors! 2010:01:02-18:21:01 (none) snort[4753]: Initializing Plug-ins! 2010:01:02-18:21:01 (none) snort[4753]: Parsing Rules file "/etc/snort/snort.conf" 2010:01:02-18:21:02 (none) snort[4753]: PortVar 'HTTP_PORTS' defined : 2010:01:02-18:21:02 (none) snort[4753]: [ 80 ] 2010:01:02-18:21:02 (none) snort[4753]: 2010:01:02-18:21:02 (none) snort[4753]: PortVar 'SHELLCODE_PORTS' defined :