[Silicon Defense logo]

SnortSnarf alert page

Destination: 192.168.1.3

SnortSnarf v021111.1

Signature section (91123)Top 20 source IPsTop 20 dest IPs

57 such alerts found using input module SnortFileInput, with sources:
Earliest: 16:17:46.670233 on 05/09/2003
Latest: 17:12:31.460371 on 05/16/2003

5 different signatures are present for 192.168.1.3 as a destination

There are 2 distinct source IPs in the alerts of the type on this page.

192.168.1.3 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade
See also 192.168.1.3 as an alert source [49 alerts]

[**] [1:466:1] ICMP L3retriever Ping [**]
[Classification: Attempted Information Leak] [Priority: 2]
05/09-16:17:46.670233 192.168.1.102 -> 192.168.1.3
ICMP TTL:32 TOS:0x0 ID:35739 IpLen:20 DgmLen:60
Type:8 Code:0 ID:512 Seq:45824 ECHO
[Xref => http://www.whitehats.com/info/IDS311]
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:07:16.293290 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:45947 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA06C614E Ack: 0x7E649E85 Win: 0x1920 TcpLen: 20
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:07:16.293545 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:45949 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA06C6CB6 Ack: 0x7E649E85 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:07:16.294425 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:45955 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA06C8EEE Ack: 0x7E649E85 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:07:16.294733 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:45957 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA06C9A56 Ack: 0x7E649E85 Win: 0x1920 TcpLen: 20
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:07:16.300139 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:45965 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA06CC5AA Ack: 0x7E649EBD Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:08:08.899780 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:40951 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA46B1158 Ack: 0x7E900CA7 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:08:08.900017 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:40953 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA46B1CC0 Ack: 0x7E900CA7 Win: 0x1920 TcpLen: 20
[**] [1:653:5] SHELLCODE x86 unicode NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:08:24.136306 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:56484 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA52E0B4F Ack: 0x7EA483F1 Win: 0x1920 TcpLen: 20
[**] [1:651:5] SHELLCODE x86 stealth NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:08:47.224943 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:25486 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA7D53317 Ack: 0x7EAFA6B6 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS291]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:11:06.525216 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:35867 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB7A9CFE5 Ack: 0x7EF3AB26 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:08.442277 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:48315 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCAFEBA86 Ack: 0x7F851AE9 Win: 0x1920 TcpLen: 20
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:28.910389 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:7083 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC74A5CF Ack: 0x7F9AEFE4 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:28.916888 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:7110 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC753E77 Ack: 0x7F9AF000 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.194901 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:7826 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC83EDD9 Ack: 0x7F9B1271 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.195230 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:7828 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC83F941 Ack: 0x7F9B1271 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.222344 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:7913 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC85CD95 Ack: 0x7F9B1319 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.554956 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:8120 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC8A466B Ack: 0x7F9B14A1 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.555207 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:8122 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC8A51D3 Ack: 0x7F9B14A1 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.558979 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:8126 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC8A6341 Ack: 0x7F9B14BD Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.559308 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:8128 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC8A6EA9 Ack: 0x7F9B14BD Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:29.559602 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:8130 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCC8A7A11 Ack: 0x7F9B14BD Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:651:5] SHELLCODE x86 stealth NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:41.900261 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:24962 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCDDE9C21 Ack: 0x7F9EE305 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS291]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:42.598161 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:26622 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCE01F20D Ack: 0x7F9F0AAA Win: 0x1920 TcpLen: 20
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:14:56.281985 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:35206 IpLen:20 DgmLen:568 DF
***AP*** Seq: 0xCE566360 Ack: 0x7FAD4FD3 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:15:16.301366 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:50399 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCEE56F28 Ack: 0x7FC6EC4E Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:15:16.301561 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:50401 IpLen:20 DgmLen:758 DF
***AP*** Seq: 0xCEE57A90 Ack: 0x7FC6EC4E Win: 0x1920 TcpLen: 20
[**] [1:651:5] SHELLCODE x86 stealth NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/11-16:21:35.988123 192.168.1.1:8192 -> 192.168.1.3:2667
TCP TTL:64 TOS:0x0 ID:59933 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE36CEF71 Ack: 0x81BDBF3A Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS291]
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:02:32.165228 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:43894 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD46E4123 Ack: 0x541606E Win: 0x1920 TcpLen: 20
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:02:32.165512 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:43896 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD46E4C8B Ack: 0x541606E Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:02:33.006964 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:46211 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD4A002BF Ack: 0x5418689 Win: 0x1920 TcpLen: 20
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:02:33.007303 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:46213 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD4A00E27 Ack: 0x5418689 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:19.538548 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:28635 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7945211 Ack: 0x56B953F Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:19.541232 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:28646 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7948B65 Ack: 0x56B955B Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:20.053781 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:29834 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7AE4356 Ack: 0x56BA0D9 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:20.054369 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:29838 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7AE5A26 Ack: 0x56BA0D9 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:21.747399 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:34173 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD80C1FD5 Ack: 0x56BCC0F Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:21.747709 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:34175 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD80C2B3D Ack: 0x56BCC0F Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:03:59.261332 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:13265 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDB06F792 Ack: 0x58A2CAF Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:04:36.555479 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:4977 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDFAE0382 Ack: 0x593451A Win: 0x1920 TcpLen: 20
[**] [1:651:5] SHELLCODE x86 stealth NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:05:30.639689 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8515 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE440546A Ack: 0x5C39099 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS291]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:10.580637 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:18446 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFD731E5C Ack: 0x64319FC Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:29.837566 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:42751 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFEC9B4E0 Ack: 0x65E4F50 Win: 0x1920 TcpLen: 20
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:52.851033 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:7477 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA85962 Ack: 0x677D9D4 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:52.916987 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:7603 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAB1506 Ack: 0x677DAD0 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:52.917876 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:7609 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAB373E Ack: 0x677DAD0 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:53.142361 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8207 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB75CFC Ack: 0x677FC61 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:53.142974 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8211 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB773CC Ack: 0x677FC61 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:53.171118 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8301 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB964A4 Ack: 0x677FD09 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:53.264247 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8537 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBE81DC Ack: 0x677FEC9 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:09:53.266331 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:8551 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBED1B4 Ack: 0x677FEC9 Win: 0x1920 TcpLen: 20
[Xref => http://www.whitehats.com/info/IDS181]
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:10:05.129402 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:26054 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x220F0A0 Ack: 0x67BE7EE Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:10:05.301790 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:26530 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x22B34F6 Ack: 0x67BEE35 Win: 0x1920 TcpLen: 20
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:10:17.923467 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:35618 IpLen:20 DgmLen:568 DF
***AP*** Seq: 0x289FB3F Ack: 0x68A39DF Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:10:38.421042 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:50823 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x319072B Ack: 0x6A3D676 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:10:38.421247 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:50825 IpLen:20 DgmLen:758 DF
***AP*** Seq: 0x3191293 Ack: 0x6A3D676 Win: 0x1920 TcpLen: 20
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/16-17:12:31.460371 192.168.1.1:8192 -> 192.168.1.3:2760
TCP TTL:64 TOS:0x0 ID:41147 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x99230B0 Ack: 0x73135F2 Win: 0x1920 TcpLen: 20
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:09:55 2003