[**] [1:1256:7] WEB-IIS CodeRed v2 root.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/01-17:58:32.519514 24.188.213.73:4462 -> 192.168.1.6:80 TCP TTL:113 TOS:0x0 ID:46295 IpLen:20 DgmLen:112 DF ***AP*** Seq: 0x729D1AE9 Ack: 0x9C68D2B3 Win: 0xFAF0 TcpLen: 20 [Xref => http://www.cert.org/advisories/CA-2001-19.html] |
[**] [1:1256:7] WEB-IIS CodeRed v2 root.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/01-17:58:34.775357 24.188.213.73:2209 -> 192.168.1.6:80 TCP TTL:113 TOS:0x0 ID:46997 IpLen:20 DgmLen:110 DF ***AP*** Seq: 0x76D9FBF3 Ack: 0x9D0B5E7D Win: 0xFAF0 TcpLen: 20 [Xref => http://www.cert.org/advisories/CA-2001-19.html] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/01-17:58:38.479607 24.188.213.73:2212 -> 192.168.1.6:80 TCP TTL:113 TOS:0x0 ID:47042 IpLen:20 DgmLen:120 DF ***AP*** Seq: 0x76DDCDCE Ack: 0x9D794B11 Win: 0xFAF0 TcpLen: 20 |