[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:12.495884 218.16.111.89:3564 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:62161 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4944D3D2 Ack: 0xB74248EA Win: 0x4410 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:12.523336 218.16.111.89:3564 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:62162 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4944D97E Ack: 0xB74248EA Win: 0x4410 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:27.191391 218.16.111.89:3992 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:63731 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4AAD61A1 Ack: 0xB7D957DE Win: 0x4410 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:27.217046 218.16.111.89:3992 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:63732 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4AAD674D Ack: 0xB7D957DE Win: 0x4410 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:31.167424 218.16.111.89:4114 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:64158 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4B125B3D Ack: 0xB88224F5 Win: 0x4410 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:17:31.193541 218.16.111.89:4114 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:64159 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x4B1260E9 Ack: 0xB88224F5 Win: 0x4410 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:20:18.080016 218.16.111.89:1102 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:16900 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x5B87D25E Ack: 0xC3979544 Win: 0x4410 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:20:21.525941 218.16.111.89:1214 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:17321 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x5BE61381 Ack: 0xC36828FB Win: 0x4410 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:20:21.551457 218.16.111.89:1214 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:17322 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x5BE6192D Ack: 0xC36828FB Win: 0x4410 TcpLen: 20 |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-13:20:22.472518 218.16.111.89:1102 -> 192.168.1.6:80 TCP TTL:99 TOS:0x0 ID:17435 IpLen:20 DgmLen:1492 DF ***A**** Seq: 0x5B87D80A Ack: 0xC3979544 Win: 0x4410 TcpLen: 20 |