[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/02-00:47:57.926861 24.209.196.254:2131 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:42095 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xB2AFDB1D Ack: 0xA870EE3A Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/02-00:48:03.936638 24.209.196.254:2131 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:42594 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xB2AFE0D1 Ack: 0xA870EE3A Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/02-19:30:52.048572 24.209.196.254:2429 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:11706 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCF76054A Ack: 0x3918BB1D Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/02-19:30:52.110669 24.209.196.254:2429 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:11710 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCF760AFE Ack: 0x3918BB1D Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/02-20:40:45.608861 24.209.196.254:1680 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:50311 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x60FAC816 Ack: 0x4259CFA2 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/02-20:40:45.617375 24.209.196.254:1680 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:50312 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x60FACDCA Ack: 0x4259CFA2 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-12:12:18.744844 24.209.196.254:4122 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:60104 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xFBBAB44D Ack: 0xC057F7B0 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-12:12:18.746122 24.209.196.254:4122 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:60105 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xFBBABA01 Ack: 0xC057F7B0 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-12:38:03.190363 24.209.196.254:4300 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:50955 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x843D1A61 Ack: 0x215C52FE Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-12:38:03.202522 24.209.196.254:4300 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:50956 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x843D2015 Ack: 0x215C52FE Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-14:44:02.715696 24.209.196.254:4762 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:48307 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x1321FC89 Ack: 0xFE3B935F Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-14:44:02.716993 24.209.196.254:4762 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:48308 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x1322023D Ack: 0xFE3B935F Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-14:47:00.061848 24.209.196.254:1084 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:61431 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x21D95DFD Ack: 0x890AAF8 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-14:47:00.093795 24.209.196.254:1084 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:61432 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x21D963B1 Ack: 0x890AAF8 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-15:24:45.805888 24.209.196.254:3586 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:32186 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xDC8892E4 Ack: 0x96EB6F32 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-15:24:45.807169 24.209.196.254:3586 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:32187 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xDC889898 Ack: 0x96EB6F32 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-15:28:08.446772 24.209.196.254:4366 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:46972 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECF16867 Ack: 0xA42F927B Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-15:28:08.448069 24.209.196.254:4366 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:46973 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECF16E1B Ack: 0xA42F927B Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-19:57:32.165641 24.209.196.254:1270 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:43993 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD002FCE8 Ack: 0x9DBC924B Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-19:57:32.212616 24.209.196.254:1270 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:43994 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD003029C Ack: 0x9DBC924B Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-21:09:44.223438 24.209.196.254:4427 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:51173 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x3021113 Ack: 0xAD90DC2D Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-21:09:44.296490 24.209.196.254:4427 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:51177 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x30216C7 Ack: 0xAD90DC2D Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-19:27:22.972916 24.209.196.254:4047 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:21955 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2DBE808E Ack: 0x6B2B51E8 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-19:27:22.974260 24.209.196.254:4047 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:21956 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2DBE8642 Ack: 0x6B2B51E8 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-20:54:44.809215 24.209.196.254:1255 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:33109 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF331786E Ack: 0xB5DEF524 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-20:54:44.816844 24.209.196.254:1255 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:33110 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF3317E22 Ack: 0xB5DEF524 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-22:10:20.580233 24.209.196.254:4121 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:42040 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x6F20BEFB Ack: 0xD367309C Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-22:10:20.587799 24.209.196.254:4121 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:42041 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x6F20C4AF Ack: 0xD367309C Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-23:00:29.233436 24.209.196.254:2110 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:64720 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x607FFBCD Ack: 0x8FF11AA1 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-23:00:29.264392 24.209.196.254:2110 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:64721 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x60800181 Ack: 0x8FF11AA1 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/11-20:54:14.623484 24.209.196.254:2581 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:43357 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x378BE7A0 Ack: 0xB2E13496 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/11-20:54:14.631200 24.209.196.254:2581 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:43358 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x378BED54 Ack: 0xB2E13496 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/11-20:54:26.015552 24.209.196.254:2725 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:44361 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x38042173 Ack: 0xB2F48C4E Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/11-20:54:26.042846 24.209.196.254:2725 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:44375 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x38042727 Ack: 0xB2F48C4E Win: 0x4470 TcpLen: 20 |
Go to: