[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/13-14:37:19.515536 24.209.133.90:1711 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:61373 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2CAEC2E0 Ack: 0x588D5B0E Win: 0xFC00 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/13-14:37:19.521458 24.209.133.90:1711 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:61374 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2CAEC7CC Ack: 0x588D5B0E Win: 0xFC00 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/13-14:51:57.740458 24.209.133.90:4640 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:339 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x7AAB3576 Ack: 0x8EFDCC87 Win: 0xFC00 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/13-14:51:57.747116 24.209.133.90:4640 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:340 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x7AAB3A62 Ack: 0x8EFDCC87 Win: 0xFC00 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/13-15:27:04.498657 24.209.133.90:4857 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:27506 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2D3E128E Ack: 0x14CFB962 Win: 0xFC00 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/13-15:27:04.504401 24.209.133.90:4857 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:27507 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2D3E177A Ack: 0x14CFB962 Win: 0xFC00 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/13-15:27:14.246556 24.209.133.90:1113 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:28209 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2E08D071 Ack: 0x156A50B5 Win: 0xFC00 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/13-15:27:14.252739 24.209.133.90:1113 -> 192.168.1.6:80 TCP TTL:115 TOS:0x0 ID:28210 IpLen:20 DgmLen:1300 DF ***A**** Seq: 0x2E08D55D Ack: 0x156A50B5 Win: 0xFC00 TcpLen: 20 |