SnortSnarf alert page

Destination: 192.168.1.101: #201-300

SnortSnarf v021111.1

Signature section (91123)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/home/rivettmj/snort_alertlog/alert

Earliest: 12:35:17.385057 on 05/19/2003
Latest: 23:10:28.465645 on 06/01/2003

7 different signatures are present for 192.168.1.101 as a destination

1 instances of SHELLCODE x86 unicode NOOP
1 instances of SHELLCODE x86 setgid 0
1 instances of WEB-CLIENT javascript URL host spoofing attempt
4 instances of SHELLCODE x86 setuid 0
87 instances of ICMP Destination Unreachable (Communication Administratively Prohibited)
88 instances of SHELLCODE x86 inc ebx NOOP
769 instances of SHELLCODE x86 NOOP

There are 25 distinct source IPs in the alerts of the type on this page.

192.168.1.101 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.1.101 as an alert source [6 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:17.385057 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:31692 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB521F285  Ack: 0xDE330791  Win: 0xF84D  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:17.499899 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:31874 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF4F6D02  Ack: 0xE146E851  Win: 0xF69A  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:17.503448 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:31875 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF4F72B6  Ack: 0xE146E851  Win: 0xF69A  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:23.125173 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:57296 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB526CC64  Ack: 0xDE3307A0  Win: 0xF83E  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:23.126529 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:57297 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB526D218  Ack: 0xDE3307A0  Win: 0xF83E  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:24.393669 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:60736 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB5281B7A  Ack: 0xDE32108D  Win: 0xF8A7  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:24.394895 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:60737 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB528212E  Ack: 0xDE32108D  Win: 0xF8A7  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:26.911130 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:2589 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF5D88C2  Ack: 0xE146E87E  Win: 0xF66D  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:26.912470 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:2590 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF5D8E76  Ack: 0xE146E87E  Win: 0xF66D  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:27.671644 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:5079 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB52D5421  Ack: 0xDE32109C  Win: 0xF898  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:27.679821 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:5080 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB52D59D5  Ack: 0xDE32109C  Win: 0xF898  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:29.478799 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:12714 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB52F7EF8  Ack: 0xDE3307BE  Win: 0xF820  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:29.480111 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:12715 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB52F84AC  Ack: 0xDE3307BE  Win: 0xF820  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:32.678852 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:22549 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB5327257  Ack: 0xDE3210AB  Win: 0xF889  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:35:32.680124 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:22550 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB532780B  Ack: 0xDE3210AB  Win: 0xF889  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:04.381572 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:6288 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB5596492  Ack: 0xDE330836  Win: 0xF7A8  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:04.385604 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:6289 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB5596A46  Ack: 0xDE330836  Win: 0xF7A8  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:05.481874 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:9493 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF8CD45B  Ack: 0xE146E905  Win: 0xF5E6  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:05.489699 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:9494 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBF8CDA0F  Ack: 0xE146E905  Win: 0xF5E6  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:25.368301 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:23128 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB56F5696  Ack: 0xDE330881  Win: 0xF75D  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:25.369623 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:23129 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB56F5C4A  Ack: 0xDE330881  Win: 0xF75D  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:30.397109 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:40783 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB577F7A1  Ack: 0xDE32117D  Win: 0xF7B7  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:30.403248 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:40784 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB577FD55  Ack: 0xDE32117D  Win: 0xF7B7  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:33.006907 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:47639 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBFB45245  Ack: 0xE146E98C  Win: 0xF55F  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:33.010841 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:47640 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBFB457F9  Ack: 0xE146E98C  Win: 0xF55F  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:51.720435 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:47174 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB58F2F46  Ack: 0xDE3308F9  Win: 0xF6E5  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:36:51.724610 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:47175 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB58F34FA  Ack: 0xDE3308F9  Win: 0xF6E5  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:37:05.148851 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:23400 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB5A05477  Ack: 0xDE330935  Win: 0xF6A9  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:42:23.055631 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:63841 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB70627FB  Ack: 0xDE3219A2  Win: 0xF550  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:42:29.663995 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:17254 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC1641868  Ack: 0xE146F247  Win: 0xF820  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:42:34.327144 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:41201 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB717EFCD  Ack: 0xDE3310C4  Win: 0xFA96  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:08.978238 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:21326 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB742D7E6  Ack: 0xDE321B37  Win: 0xF979  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:25.477971 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:64954 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB757154D  Ack: 0xDE331277  Win: 0xF8E3  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:27.418916 128.121.10.67:119 -> 192.168.1.101:1655
TCP TTL:111 TOS:0x0 ID:4214 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB759554D  Ack: 0xDE331286  Win: 0xF8D4  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:27.789064 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:5335 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC1A7B6AD  Ack: 0xE146F409  Win: 0xF65E  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:30.348297 128.121.10.67:119 -> 192.168.1.101:1654
TCP TTL:111 TOS:0x0 ID:13337 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB75B167F  Ack: 0xDE321BEB  Win: 0xF8C5  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-12:43:48.986525 128.121.10.67:119 -> 192.168.1.101:1656
TCP TTL:111 TOS:0x0 ID:64339 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC1C59653  Ack: 0xE146F49F  Win: 0xF5C8  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/19-19:30:54.468812 172.20.148.50 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3897 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:8738 IpLen:20 DgmLen:48 DF
Seq: 0x49DCBD22  Ack: 0x6C000000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/19-21:01:44.339721 172.20.148.54 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4313 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:12487 IpLen:20 DgmLen:48 DF
Seq: 0x95513DE9  Ack: 0x6F6D0000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/19-21:01:50.892656 172.20.148.54 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4313 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:12490 IpLen:20 DgmLen:48 DF
Seq: 0x95513DE9  Ack: 0xABFE4000
** END OF DUMP

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/19-22:00:28.943422 209.8.166.179:80 -> 192.168.1.101:4598
TCP TTL:52 TOS:0x0 ID:34736 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0xE7D726C8  Ack: 0xC56FA398  Win: 0x7D78  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/20-21:15:24.400932 172.20.148.50 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1115 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:474 IpLen:20 DgmLen:48 DF
Seq: 0x3822D586  Ack: 0x2CD3CA3E
** END OF DUMP

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/21-17:09:53.670178 65.24.2.12:119 -> 192.168.1.101:2250
TCP TTL:247 TOS:0x0 ID:35054 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9A17E506  Ack: 0xFA4A1EFC  Win: 0x2238  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/21-17:11:11.640412 65.24.2.12:119 -> 192.168.1.101:2249
TCP TTL:247 TOS:0x0 ID:54024 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9A5A88C6  Ack: 0xFA4950C7  Win: 0x2238  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/21-17:11:12.628314 65.24.2.12:119 -> 192.168.1.101:2250
TCP TTL:247 TOS:0x0 ID:54280 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9A7A0636  Ack: 0xFA4A20AC  Win: 0x2238  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/21-17:11:17.261007 65.24.2.12:119 -> 192.168.1.101:2248
TCP TTL:247 TOS:0x0 ID:55325 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x99BBDC6C  Ack: 0xFA486185  Win: 0x2238  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/21-23:59:27.446262 172.20.148.54 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1119 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:1229 IpLen:20 DgmLen:48 DF
Seq: 0x2A00A899  Ack: 0x1F4BCC3E
** END OF DUMP

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/22-16:07:38.040175 216.65.98.72:119 -> 192.168.1.101:1988
TCP TTL:109 TOS:0x0 ID:63708 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF77CDCF4  Ack: 0x1EEE176C  Win: 0x3FF4  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/22-16:08:05.109759 216.65.98.72:119 -> 192.168.1.101:1851
TCP TTL:109 TOS:0x0 ID:35977 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA2769136  Ack: 0xFD61817A  Win: 0x3EEA  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/22-18:38:10.426172 172.20.148.54 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1566 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:57078 IpLen:20 DgmLen:48 DF
Seq: 0xCAC07B3E  Ack: 0x5251CD3E
** END OF DUMP

[**] [1:650:5] SHELLCODE x86 setuid 0 [**]
[Classification: A system call was detected] [Priority: 2] 
05/22-18:49:19.891841 128.242.172.250:119 -> 192.168.1.101:1484
TCP TTL:111 TOS:0x0 ID:54140 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB1081A7A  Ack: 0xBF4F9169  Win: 0xF922  TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS436]

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/22-20:38:42.675682 172.20.148.54 -> 192.168.1.101
ICMP TTL:243 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2123 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:3525 IpLen:20 DgmLen:48 DF
Seq: 0x2EC34596  Ack: 0x926DCD3E
** END OF DUMP

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/24-14:24:06.591609 128.242.172.250:119 -> 192.168.1.101:1193
TCP TTL:112 TOS:0x0 ID:52156 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA8953EEB  Ack: 0x3670CE1B  Win: 0xF8D3  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/24-14:24:40.461050 128.242.172.250:119 -> 192.168.1.101:1194
TCP TTL:112 TOS:0x0 ID:7193 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA901C84E  Ack: 0x3681F4E9  Win: 0xF8A9  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/24-14:25:01.430082 128.242.172.250:119 -> 192.168.1.101:1193
TCP TTL:112 TOS:0x0 ID:17005 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA8D849C0  Ack: 0x3670CEB5  Win: 0xF839  TcpLen: 20

[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/24-14:25:06.996941 128.242.172.250:119 -> 192.168.1.101:1194
TCP TTL:112 TOS:0x0 ID:8845 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA923F3A6  Ack: 0x3681F52F  Win: 0xF863  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/24-17:20:01.437625 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2309 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:44915 IpLen:20 DgmLen:48 DF
Seq: 0xCA1CABD0  Ack: 0x7600FC8F
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/24-22:21:49.559475 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2301 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:28066 IpLen:20 DgmLen:48 DF
Seq: 0xD8CFDB27  Ack: 0x9CDA8410
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-00:22:10.047989 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2860 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:37031 IpLen:20 DgmLen:48 DF
Seq: 0x3CB0A54D  Ack: 0x6F6D0000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-03:52:55.508289 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3835 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:52493 IpLen:20 DgmLen:48 DF
Seq: 0xEBA23096  Ack: 0x5776D03E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-03:53:05.346809 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3835 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:52517 IpLen:20 DgmLen:48 DF
Seq: 0xEBA23096  Ack: 0x52AA
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-16:43:44.223545 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1672 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:35200 IpLen:20 DgmLen:48 DF
Seq: 0x669BC083  Ack: 0x2BD13E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-16:43:47.441538 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1672 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:35203 IpLen:20 DgmLen:48 DF
Seq: 0x669BC083  Ack: 0xA05204C3
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/25-21:14:37.399763 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4179 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:34494 IpLen:20 DgmLen:48 DF
Seq: 0x4B2488F6  Ack: 0x88B64D74
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-02:45:45.815010 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1781 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:60710 IpLen:20 DgmLen:48 DF
Seq: 0x5DE1F55D  Ack: 0x6F6D0000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-02:45:52.375815 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1781 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:60716 IpLen:20 DgmLen:48 DF
Seq: 0x5DE1F55D  Ack: 0x20B8D13E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-03:45:58.579841 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2060 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:65368 IpLen:20 DgmLen:48 DF
Seq: 0x8FDF08E0  Ack: 0xE0B261E9
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-04:16:17.297561 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2210 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:2242 IpLen:20 DgmLen:48 DF
Seq: 0xA8FEAE8F  Ack: 0x51CDD13E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-04:46:29.508474 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2357 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:4662 IpLen:20 DgmLen:48 DF
Seq: 0xC21AF161  Ack: 0x65D4D13E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-07:17:02.618961 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3058 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:15967 IpLen:20 DgmLen:48 DF
Seq: 0x3F104182  Ack: 0xAEF7D13E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-07:17:12.412660 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3058 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:15976 IpLen:20 DgmLen:48 DF
Seq: 0x3F104182  Ack: 0x0
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-08:17:18.608998 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3367 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:20740 IpLen:20 DgmLen:48 DF
Seq: 0x711D1029  Ack: 0x656E742D
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-08:17:28.447104 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3367 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:20748 IpLen:20 DgmLen:48 DF
Seq: 0x711D1029  Ack: 0xD805D23E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-11:18:10.200101 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4232 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:34595 IpLen:20 DgmLen:48 DF
Seq: 0x739BEC9  Ack: 0xE5271F
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-11:48:25.769965 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4374 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:36887 IpLen:20 DgmLen:48 DF
Seq: 0x205599A1  Ack: 0x80064A08
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-15:19:18.189700 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1443 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:53184 IpLen:20 DgmLen:48 DF
Seq: 0xCF685EA5  Ack: 0xE52CFA
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/26-21:20:24.411969 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3160 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:15313 IpLen:20 DgmLen:48 DF
Seq: 0xFB202A0C  Ack: 0x58BDD23E
** END OF DUMP

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:32:19.147934 128.242.172.250:119 -> 192.168.1.101:1257
TCP TTL:112 TOS:0x0 ID:60123 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA159A9C0  Ack: 0x357E743A  Win: 0xF8DD  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:32:31.330462 128.242.172.250:119 -> 192.168.1.101:1254
TCP TTL:112 TOS:0x0 ID:44481 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9E24EC3F  Ack: 0x34A4FE61  Win: 0xF898  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:14.783383 128.242.172.250:119 -> 192.168.1.101:1253
TCP TTL:112 TOS:0x0 ID:21422 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9F657E82  Ack: 0x34A3C481  Win: 0xF910  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:14.804402 128.242.172.250:119 -> 192.168.1.101:1254
TCP TTL:112 TOS:0x0 ID:21549 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9F754C8E  Ack: 0x34A509CE  Win: 0xF8A7  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:15.755012 128.242.172.250:119 -> 192.168.1.101:1257
TCP TTL:112 TOS:0x0 ID:31271 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA2B8BDBD  Ack: 0x357E805B  Win: 0xF82F  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:17.597724 128.242.172.250:119 -> 192.168.1.101:1257
TCP TTL:112 TOS:0x0 ID:48658 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA2BB5F7F  Ack: 0x357E8088  Win: 0xF802  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:17.658819 128.242.172.250:119 -> 192.168.1.101:1254
TCP TTL:112 TOS:0x0 ID:49229 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9F7A3B2F  Ack: 0x34A50A19  Win: 0xF85C  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
05/28-00:37:17.752140 128.242.172.250:119 -> 192.168.1.101:1253
TCP TTL:112 TOS:0x0 ID:49627 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9F6894AD  Ack: 0x34A3C4AE  Win: 0xF8E3  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/30-23:53:58.979958 172.20.148.54 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1572 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:11159 IpLen:20 DgmLen:48 DF
Seq: 0x85D96B6C  Ack: 0x5727D83E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
05/31-22:33:30.549936 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4581 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:24073 IpLen:20 DgmLen:48 DF
Seq: 0xEE75126C  Ack: 0x5C000000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-03:34:40.725588 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2008 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:46062 IpLen:20 DgmLen:48 DF
Seq: 0xE847EB90  Ack: 0x90ACD93E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-08:35:50.307259 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3459 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:134 IpLen:20 DgmLen:48 DF
Seq: 0xE275D73D  Ack: 0x12000010
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-09:06:09.131995 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3601 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:2566 IpLen:20 DgmLen:48 DF
Seq: 0xFB90E335  Ack: 0x3C000000
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-10:06:40.376881 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3871 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:7365 IpLen:20 DgmLen:48 DF
Seq: 0x2DC49B2B  Ack: 0x8006BD5A
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-11:37:12.153125 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4285 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:14624 IpLen:20 DgmLen:48 DF
Seq: 0x78E929E0  Ack: 0x2000100
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-13:37:41.127980 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:1535 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:8092 IpLen:20 DgmLen:48 DF
Seq: 0x889CBFA3  Ack: 0xE503D1
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-17:38:48.945853 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:2656 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:27343 IpLen:20 DgmLen:48 DF
Seq: 0x50E4BC2F  Ack: 0x6872DA3E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-19:39:39.427688 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:3232 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:37259 IpLen:20 DgmLen:48 DF
Seq: 0xB53449BA  Ack: 0x322E3320
** END OF DUMP

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
06/01-19:41:23.940142 128.242.172.250:119 -> 192.168.1.101:3228
TCP TTL:116 TOS:0x0 ID:4938 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4D16C33F  Ack: 0xB5252E85  Win: 0xF9D1  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
06/01-19:42:21.109501 128.242.172.250:119 -> 192.168.1.101:3229
TCP TTL:116 TOS:0x0 ID:20952 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4D11E4C6  Ack: 0xB525B030  Win: 0xFA2B  TcpLen: 20

[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1] 
06/01-19:43:21.944880 128.242.172.250:119 -> 192.168.1.101:3230
TCP TTL:116 TOS:0x0 ID:6025 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4D25A7ED  Ack: 0xB52655F4  Win: 0xF968  TcpLen: 20

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-22:10:09.135029 172.20.148.54 -> 192.168.1.101
ICMP TTL:245 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4203 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:45254 IpLen:20 DgmLen:48 DF
Seq: 0x32EFEACB  Ack: 0x1B2DA3E
** END OF DUMP

[**] [1:485:2] ICMP Destination Unreachable (Communication Administratively Prohibited) [**]
[Classification: Misc activity] [Priority: 3] 
06/01-23:10:28.465645 172.20.148.50 -> 192.168.1.101
ICMP TTL:244 TOS:0x0 ID:0 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.1.101:4526 -> 64.12.185.119:80
TCP TTL:116 TOS:0x0 ID:50324 IpLen:20 DgmLen:48 DF
Seq: 0x65457148  Ack: 0x6D2F636F
** END OF DUMP

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:09:54 2003

192.168.1.101	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.1.101 as an alert source [6 alerts]