[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/28-20:38:00.866529 24.136.155.112:2051 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:4806 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2F0A9FA8 Ack: 0xF877E0A6 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/28-20:38:00.878264 24.136.155.112:2051 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:4807 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2F0AA55C Ack: 0xF877E0A6 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-12:02:56.303906 24.136.155.112:3999 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:57747 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x4958DDA9 Ack: 0xDCB2C216 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-12:02:56.310342 24.136.155.112:3999 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:57748 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x4958E35D Ack: 0xDCB2C216 Win: 0x4470 TcpLen: 20 |