SnortSnarf alert page

Source: 128.10.252.10: #201-286

SnortSnarf v021111.1

Signature section (91123)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/home/rivettmj/snort_alertlog/alert

Earliest: 20:15:13.370428 on 05/07/2003
Latest: 18:23:54.568781 on 05/08/2003

2 different signatures are present for 128.10.252.10 as a source

1 instances of SHELLCODE x86 EB OC NOOP
285 instances of SHELLCODE x86 NOOP

There are 2 distinct destination IPs in the alerts of the type on this page.

128.10.252.10 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

Go to: previous range, all alerts, overview page

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.370428 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34715 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AAF5B25  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574869 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.377043 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34720 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AAF776D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574869 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.435444 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34730 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AAFAFFD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574875 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.523300 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34744 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AAFFF2D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574884 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.578988 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34754 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB037BD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574890 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.647490 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34770 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB0923D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574897 1745859252 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.840709 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34798 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AB1309D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574916 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.855424 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34807 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB16385  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574917 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.901378 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34811 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB17A25  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574922 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:13.915230 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34817 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB19C15  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574923 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.038309 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34835 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB2013D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574934 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.121584 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34846 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB23F75  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574943 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.180131 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34853 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB2670D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574950 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.187716 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34858 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB28355  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574950 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.189004 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34859 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB288FD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574950 1745859253 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.289697 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34874 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AB2DDD5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574961 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.315895 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34883 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB310BD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574964 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.374905 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34885 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AB31C0D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574970 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.379483 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34888 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB32D05  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574970 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.387549 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34894 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB34EF5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574970 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.454361 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34907 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB3987D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574977 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.510010 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34908 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB39E25  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574983 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.511317 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34909 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB3A3CD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574983 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.515634 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34911 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB3AF1D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574984 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.526935 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34917 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB3D10D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574984 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.654539 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34938 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB447D5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408574997 1745859254 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:14.852083 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:34974 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB51375  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575017 1745859255 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.158655 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35017 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB606AD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575048 1745859255 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.160305 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35018 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AB60C55  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575048 1745859255 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.168147 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35024 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB62E45  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575048 1745859255 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.548526 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35091 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB7A93D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575087 1745859256 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.775615 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35136 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB8A7C5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575110 1745859257 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.785432 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35140 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB8BE65  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575111 1745859257 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:15.835208 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35149 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB8F14D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575116 1745859257 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:16.122295 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35196 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AB9FB25  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575144 1745859257 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:16.123735 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35197 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABA00CD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575144 1745859257 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:16.612509 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35281 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABBDBED  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575193 1745859258 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:16.889784 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35325 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABCD4CD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575221 1745859259 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:16.910048 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35332 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABCFC65  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575223 1745859259 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:17.232158 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35387 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABE337D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575255 1745859260 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:17.315852 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35398 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABE71B5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575263 1745859260 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:17.320644 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35402 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABE8855  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575263 1745859260 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:17.515973 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35430 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABF26B5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575284 1745859260 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:17.517309 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35431 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ABF2C5D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575284 1745859260 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:18.438508 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35595 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC2CBFD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575376 1745859262 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:18.535343 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35614 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC33775  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575386 1745859262 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:18.542131 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35618 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC34E15  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575386 1745859262 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:18.730816 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35647 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC3F21D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575404 1745859262 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:18.732307 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35648 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC3F7C5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575404 1745859262 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.010958 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35696 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC50745  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575433 1745859263 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.018175 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35701 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC5238D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575433 1745859263 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.122086 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35717 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AC57E0D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575444 1745859263 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.150297 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35725 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC5AB4D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575447 1745859263 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.257797 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35741 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AC605CD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575458 1745859264 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.325821 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35753 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AC649AD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575465 1745859264 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.337672 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35759 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC66B9D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575465 1745859264 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.339152 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35760 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC67145  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575465 1745859264 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.621308 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35811 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC791BD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575494 1745859264 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:19.773457 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35842 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC84115  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575509 1745859265 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.197063 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35916 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AC9E3A5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575551 1745859265 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.260385 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35926 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACA1C35  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575558 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.265843 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35930 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7ACA32D5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575558 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.306408 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35931 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACA387D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575563 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.327211 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35934 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACA4975  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575565 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.398606 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35935 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACA4F1D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575572 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.400451 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35936 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACA54C5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575572 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.470799 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35954 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACABA95  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575579 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:20.533850 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:35955 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACAC03D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575586 1745859266 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.166420 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36067 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACD39BD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575648 1745859267 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.173386 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36071 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACD505D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575649 1745859267 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.297001 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36091 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACDC17D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575662 1745859268 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.299816 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36093 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACDCCCD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575662 1745859268 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.405240 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36113 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7ACE3DED  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575672 1745859268 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.488695 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36125 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7ACE81CD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575681 1745859268 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:21.583747 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36143 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7ACEE79D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575690 1745859268 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.001251 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36217 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD08A2D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575732 1745859269 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.197985 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36254 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD15B75  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575752 1745859269 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.427023 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36295 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD2435D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575775 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.428369 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36296 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x7AD24905  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575775 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.489925 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36303 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD2709D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575780 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.494750 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36307 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD2873D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575781 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.643072 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36331 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD30EFD  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575795 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.700271 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36336 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD32B45  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575802 1745859270 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.766139 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36351 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD3801D  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575809 1745859271 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/07-20:15:22.770231 128.10.252.10:80 -> 192.168.1.7:8529
TCP TTL:45 TOS:0x0 ID:36352 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7AD385C5  Ack: 0xE061557A  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 408575809 1745859271 
[Xref => http://www.whitehats.com/info/IDS181]

[**] [1:1424:4] SHELLCODE x86 EB OC NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/08-18:23:54.568781 128.10.252.10:58348 -> 192.168.1.92:53153
TCP TTL:45 TOS:0x0 ID:4339 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1132AA16  Ack: 0x3105D3E0  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 416546303 1475540610

Go to: previous range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:53 2003

128.10.252.10	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade