[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/01-10:20:47.508514 64.37.137.83:80 -> 192.168.1.92:50878
TCP TTL:50 TOS:0x0 ID:12013 IpLen:20 DgmLen:763 DF
***AP*** Seq: 0x1C58ABF7 Ack: 0xF853C5D Win: 0x6028 TcpLen: 32
TCP Options (3) => NOP NOP TS: 420350042 1258927965 |
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/01-10:20:48.069028 64.37.137.83:80 -> 192.168.1.92:50878
TCP TTL:50 TOS:0x0 ID:12014 IpLen:20 DgmLen:763 DF
***AP*** Seq: 0x1C58ABF7 Ack: 0xF853C5D Win: 0x6028 TcpLen: 32
TCP Options (3) => NOP NOP TS: 420350098 1258927965 |
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/07-00:02:59.377445 204.68.168.161:80 -> 192.168.1.92:49204
TCP TTL:243 TOS:0x0 ID:64649 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5FA06E7B Ack: 0x7F37D811 Win: 0x8000 TcpLen: 32
TCP Options (3) => NOP NOP TS: 29838170 1475397342 |
[**] [1:1841:2] WEB-CLIENT javascript URL host spoofing attempt [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
05/07-20:04:31.984244 64.12.145.167:80 -> 192.168.1.92:50171
TCP TTL:51 TOS:0x0 ID:11850 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x48E76862 Ack: 0xEF6CA980 Win: 0x7C70 TcpLen: 32
TCP Options (3) => NOP NOP TS: 909157881 1475449042
[Xref => http://www.securityfocus.com/bid/5293] |
[**] [1:1841:2] WEB-CLIENT javascript URL host spoofing attempt [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
05/07-20:04:31.985571 64.12.145.167:80 -> 192.168.1.92:50171
TCP TTL:51 TOS:0x0 ID:11851 IpLen:20 DgmLen:1500 DF
***AP*** Seq: 0x48E76E0A Ack: 0xEF6CA980 Win: 0x7C70 TcpLen: 32
TCP Options (3) => NOP NOP TS: 909157881 1475449042
[Xref => http://www.securityfocus.com/bid/5293] |
[**] [1:1841:2] WEB-CLIENT javascript URL host spoofing attempt [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
05/07-20:05:15.407411 64.12.145.167:80 -> 192.168.1.92:50172
TCP TTL:51 TOS:0x0 ID:19717 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x495F6607 Ack: 0x2097347C Win: 0x7C70 TcpLen: 32
TCP Options (3) => NOP NOP TS: 909162221 1475449129
[Xref => http://www.securityfocus.com/bid/5293] |
[**] [1:1424:4] SHELLCODE x86 EB OC NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/08-18:23:54.568781 128.10.252.10:58348 -> 192.168.1.92:53153
TCP TTL:45 TOS:0x0 ID:4339 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1132AA16 Ack: 0x3105D3E0 Win: 0x16A0 TcpLen: 32
TCP Options (3) => NOP NOP TS: 416546303 1475540610 |
[**] [1:648:5] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/09-15:50:43.563639 17.254.0.132:80 -> 192.168.1.92:51210
TCP TTL:40 TOS:0x0 ID:35886 IpLen:20 DgmLen:468 DF
***AP*** Seq: 0x579E364D Ack: 0x111F8B93 Win: 0x8218 TcpLen: 32
TCP Options (3) => NOP NOP TS: 2889552926 2076851774
[Xref => http://www.whitehats.com/info/IDS181] |
[**] [1:1394:3] SHELLCODE x86 NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
05/19-16:41:28.327133 65.77.42.105:80 -> 192.168.1.92:51184
TCP TTL:47 TOS:0x0 ID:1887 IpLen:20 DgmLen:1315 DF
***AP*** Seq: 0xC11A3FA2 Ack: 0x479E397B Win: 0x4470 TcpLen: 20 |
[**] [1:1390:3] SHELLCODE x86 inc ebx NOOP [**]
[Classification: Executable code was detected] [Priority: 1]
06/09-12:25:48.521596 161.170.254.28:80 -> 192.168.1.92:53523
TCP TTL:42 TOS:0x0 ID:1010 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5CB64B69 Ack: 0x4C6DCDD2 Win: 0x8218 TcpLen: 32
TCP Options (3) => NOP NOP TS: 222228122 1333115206 |
![[Silicon Defense logo]](../../../SDlogo.gif)