[Silicon Defense logo]

SnortSnarf alert page

Source: 209.237.238.158

SnortSnarf v021111.1

Signature section (91123)Top 20 source IPsTop 20 dest IPs

8 such alerts found using input module SnortFileInput, with sources:
Earliest: 16:51:00.716894 on 04/22/2003
Latest: 18:30:03.210245 on 06/11/2003

1 different signatures are present for 209.237.238.158 as a source

There are 1 distinct destination IPs in the alerts of the type on this page.

209.237.238.158 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/22-16:51:00.716894 209.237.238.158:2181 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:10211 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x2BCC5084 Ack: 0x17E4A8BE Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 631348573 653675344
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/24-02:07:34.363467 209.237.238.158:1053 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:8554 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x4A40C472 Ack: 0x8E37F4FA Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 643326236 715030135
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/26-13:33:58.393128 209.237.238.158:4076 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:8919 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0xAD798A11 Ack: 0x2E643EB7 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 664721590 824626467
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/01-14:45:03.853189 209.237.238.158:2001 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:56287 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x1DD3E83F Ack: 0x78646BCD Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 708341922 1048068618
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/22-12:41:56.151497 209.237.238.158:2399 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:28390 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x4FB101CF Ack: 0x73E3DE32 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 889019649 1973577747
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/23-22:54:11.549527 209.237.238.158:4018 -> 192.168.1.6:80
TCP TTL:42 TOS:0x0 ID:6857 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x1829F409 Ack: 0xBC6F288D Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 901331680 2036645282
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/27-07:11:06.368924 209.237.238.158:2982 -> 192.168.1.6:80
TCP TTL:42 TOS:0x0 ID:27050 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0xB6E76880 Ack: 0xD1553370 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 930229681 2184673286
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
06/11-18:30:03.210245 209.237.238.158:1426 -> 192.168.1.6:80
TCP TTL:36 TOS:0x0 ID:63904 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x2155CDEA Ack: 0x91F9A984 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 53471198 2869323882
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:52 2003