[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/27-12:30:29.888980 24.126.90.163:3478 -> 192.168.1.6:80 TCP TTL:107 TOS:0x0 ID:40009 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x8A9116D1 Ack: 0x88144B4B Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/27-12:30:29.898143 24.126.90.163:3478 -> 192.168.1.6:80 TCP TTL:107 TOS:0x0 ID:40010 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x8A911C85 Ack: 0x88144B4B Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/29-01:44:30.606719 24.126.90.163:2925 -> 192.168.1.6:80 TCP TTL:107 TOS:0x0 ID:52443 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x81C599A8 Ack: 0x7DC888C2 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/29-01:44:30.612942 24.126.90.163:2925 -> 192.168.1.6:80 TCP TTL:107 TOS:0x0 ID:52444 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x81C59F5C Ack: 0x7DC888C2 Win: 0x4470 TcpLen: 20 |