[Silicon Defense logo]

SnortSnarf alert page

Source: 209.237.238.159

SnortSnarf v021111.1

Signature section (91123)Top 20 source IPsTop 20 dest IPs

8 such alerts found using input module SnortFileInput, with sources:
Earliest: 18:32:40.330684 on 04/27/2003
Latest: 16:46:51.235001 on 05/30/2003

1 different signatures are present for 209.237.238.159 as a source

There are 1 distinct destination IPs in the alerts of the type on this page.

209.237.238.159 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/27-18:32:40.330684 209.237.238.159:4048 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:58181 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x4978DFFA Ack: 0xD5BF26FF Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 675572179 878056418
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/27-19:31:28.930232 209.237.238.159:4669 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:53328 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x9980A70B Ack: 0xB47E1E97 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 675924985 879864304
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/28-03:45:14.815259 209.237.238.159:3419 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:60422 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x47090D42 Ack: 0xFE94E08A Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 678887118 895037794
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
04/28-12:51:33.831010 209.237.238.159:2591 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:48525 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x43FA5A3E Ack: 0xD6EAD6D Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 682164517 911826238
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/02-08:10:34.131291 209.237.238.159:4671 -> 192.168.1.6:80
TCP TTL:41 TOS:0x0 ID:44421 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0xF3FF90CA Ack: 0xE622E6CA Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 715033505 1080197190
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/24-22:34:12.713604 209.237.238.159:3090 -> 192.168.1.6:80
TCP TTL:42 TOS:0x0 ID:51883 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0xFDB84DA0 Ack: 0xB0768DA9 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 910268051 2080283704
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/27-19:10:08.584938 209.237.238.159:2606 -> 192.168.1.6:80
TCP TTL:42 TOS:0x0 ID:58543 IpLen:20 DgmLen:177 DF
***AP*** Seq: 0x4A7BA4B8 Ack: 0x6DDF280F Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 934960389 2206769875
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
05/30-16:46:51.235001 209.237.238.159:2606 -> 192.168.1.6:80
TCP TTL:37 TOS:0x0 ID:16273 IpLen:20 DgmLen:173 DF
***AP*** Seq: 0x75EE8196 Ack: 0xEFC82A9 Win: 0xFFFF TcpLen: 32
TCP Options (3) => NOP NOP TS: 960017323 2335123677
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:52 2003