![[Silicon Defense logo]](../SDlogo.gif)
|
SnortSnarf signature pageWEB-CLIENT javascript URL host spoofing attemptSnortSnarf v021111.1 |
| Signature section (91123) | Top 20 source IPs | Top 20 dest IPs |
11 alerts with this signature using input module SnortFileInput, with sources:
Earliest such alert at 20:11:51.301187 on 04/27/2003
Latest such alert at 12:56:30.995172 on 06/07/2003
| WEB-CLIENT javascript URL host spoofing attempt | 5 sources | 5 destinations |
| Priority: 1 | Classification: Attempted User Privilege Gain | |
| [sid:1841] [BUGTRAQ:5293] | ||
| Source | # Alerts (sig) | # Alerts (total) | # Dsts (sig) | # Dsts (total) |
| 80.87.131.163 | 4 | 4 | 1 | 1 |
| 64.12.145.167 | 3 | 3 | 1 | 1 |
| 209.15.189.173 | 2 | 2 | 1 | 1 |
| 63.216.0.251 | 1 | 2 | 1 | 1 |
| 209.202.195.198 | 1 | 1 | 1 | 1 |
| Destinations | # Alerts (sig) | # Alerts (total) | # Srcs (sig) | # Srcs (total) |
| 192.168.1.4 | 4 | 69 | 1 | 11 |
| 192.168.1.92 | 3 | 10 | 1 | 7 |
| 192.168.1.104 | 2 | 16 | 1 | 8 |
| 192.168.1.100 | 1 | 38 | 1 | 8 |
| 192.168.1.101 | 1 | 951 | 1 | 25 |