SnortSnarf alert page

Source: 24.209.196.254

SnortSnarf v021111.1

Signature section (91123)

Top 20 source IPs

Top 20 dest IPs

134 such alerts found using input module SnortFileInput, with sources:

/home/rivettmj/snort_alertlog/alert

Earliest: 16:12:23.708479 on 05/05/2003
Latest: 20:54:26.042846 on 06/11/2003

2 different signatures are present for 24.209.196.254 as a source

66 instances of WEB-IIS ISAPI .ida attempt
68 instances of WEB-IIS cmd.exe access

There are 1 distinct destination IPs in the alerts of the type on this page.

24.209.196.254 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

Go to: overview page

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-16:12:23.708479 24.209.196.254:2594 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15586 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60C16AD2  Ack: 0xC120C738  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-16:12:23.741721 24.209.196.254:2594 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15587 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60C17086  Ack: 0xC120C738  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-17:26:25.019770 24.209.196.254:2102 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:38498 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF56BE718  Ack: 0xD85CE42E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-17:26:25.067437 24.209.196.254:2102 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:38499 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF56BECCC  Ack: 0xD85CE42E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-20:31:05.062022 24.209.196.254:4124 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32076 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x854D34AC  Ack: 0x933D12D8  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-20:31:05.081976 24.209.196.254:4124 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32077 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x854D3A60  Ack: 0x933D12D8  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-00:45:00.926164 24.209.196.254:3191 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44598 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB2F68D5E  Ack: 0x51C83CBE  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-00:45:00.954346 24.209.196.254:3191 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44599 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB2F69312  Ack: 0x51C83CBE  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-21:12:06.580608 24.209.196.254:3269 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:19593 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5B8DE014  Ack: 0x6E1AD448  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-21:12:06.626087 24.209.196.254:3269 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:19594 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5B8DE5C8  Ack: 0x6E1AD448  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-21:46:17.480014 24.209.196.254:2098 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15512 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2137D9A8  Ack: 0xEE5E6DD6  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/06-21:46:17.503801 24.209.196.254:2098 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15513 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2137DF5C  Ack: 0xEE5E6DD6  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-18:10:06.729241 24.209.196.254:3174 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:10558 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5249D57C  Ack: 0x3D9C35AF  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-18:10:06.750754 24.209.196.254:3174 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:10559 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5249DB30  Ack: 0x3D9C35AF  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-20:31:52.040908 24.209.196.254:2506 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:52144 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x83E41AE8  Ack: 0x5551C5E0  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-20:31:52.050587 24.209.196.254:2506 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:52145 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x83E4209C  Ack: 0x5551C5E0  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-20:53:08.870724 24.209.196.254:1096 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43868 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF8BDDA7A  Ack: 0xA533185D  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-20:53:08.902164 24.209.196.254:1096 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43869 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF8BDE02E  Ack: 0xA533185D  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-21:05:01.154987 24.209.196.254:3993 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:54672 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x38E897B7  Ack: 0xD2B8716B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-21:05:01.187835 24.209.196.254:3993 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:54673 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x38E89D6B  Ack: 0xD2B8716B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-22:07:29.449955 24.209.196.254:4397 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:19982 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x808D83F3  Ack: 0xBD90EE10  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/08-22:07:29.523217 24.209.196.254:4397 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:19983 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x808D89A7  Ack: 0xBD90EE10  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-16:00:14.080520 24.209.196.254:3924 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:9824 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBDC81776  Ack: 0x931F093B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-16:00:14.110500 24.209.196.254:3924 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:9825 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBDC81D2A  Ack: 0x931F093B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-19:07:07.939681 24.209.196.254:3805 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31576 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x558DD5F8  Ack: 0x53D91A58  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-19:07:07.948464 24.209.196.254:3805 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31577 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x558DDBAC  Ack: 0x53D91A58  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-19:37:58.144892 24.209.196.254:4903 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34584 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE42618F3  Ack: 0xC8EF1710  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/09-19:37:58.165165 24.209.196.254:4903 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34585 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE4261EA7  Ack: 0xC8EF1710  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-00:13:18.349429 24.209.196.254:1381 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:46882 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA60FC6E2  Ack: 0xD86D2AFA  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-00:13:18.369653 24.209.196.254:1381 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:46883 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA60FCC96  Ack: 0xD86D2AFA  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:33:01.472844 24.209.196.254:4278 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34041 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x265DCB4A  Ack: 0xA648058E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:33:01.499946 24.209.196.254:4278 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34042 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x265DD0FE  Ack: 0xA648058E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:45:11.242358 24.209.196.254:4365 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47411 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6A472335  Ack: 0xD4A9CC2D  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:45:11.264627 24.209.196.254:4365 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47412 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6A4728E9  Ack: 0xD4A9CC2D  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-22:16:03.366008 24.209.196.254:1393 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15252 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEDA7EAC0  Ack: 0x5DB4A3F9  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-22:16:03.414612 24.209.196.254:1393 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15253 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEDA7F074  Ack: 0x5DB4A3F9  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-22:34:18.110279 24.209.196.254:2578 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34723 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x38969B56  Ack: 0xA23BB8C2  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-22:34:18.133606 24.209.196.254:2578 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34724 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3896A10A  Ack: 0xA23BB8C2  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-22:06:34.223303 24.209.196.254:4056 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31540 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x15A34F53  Ack: 0x7916D169  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-22:06:34.243833 24.209.196.254:4056 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31541 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x15A35507  Ack: 0x7916D169  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-16:55:12.396566 24.209.196.254:2690 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43688 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x70ED38BE  Ack: 0x60CBC298  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-16:55:12.415964 24.209.196.254:2690 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43689 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x70ED3E72  Ack: 0x60CBC298  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-18:53:38.361841 24.209.196.254:1434 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:14784 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1BB6DFA7  Ack: 0x20330219  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-18:53:38.384884 24.209.196.254:1434 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:14785 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1BB6E55B  Ack: 0x20330219  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-19:55:31.787977 24.209.196.254:2145 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:16693 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x708049D8  Ack: 0x9BF45F3  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-19:55:31.820199 24.209.196.254:2145 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:16694 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x70804F8C  Ack: 0x9BF45F3  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-21:02:24.883413 24.209.196.254:4828 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:37965 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCE74892B  Ack: 0x7270ED0  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-21:02:24.904107 24.209.196.254:4828 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:37966 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCE748EDF  Ack: 0x7270ED0  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-21:23:29.982133 24.209.196.254:4932 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6958 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3BB6BE4B  Ack: 0x56B9BF90  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-21:23:30.025466 24.209.196.254:4932 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6959 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3BB6C3FF  Ack: 0x56B9BF90  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/14-20:10:28.130486 24.209.196.254:2485 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47808 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x508FCE46  Ack: 0x82761370  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/14-20:10:28.162753 24.209.196.254:2485 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47809 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x508FD3FA  Ack: 0x82761370  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-18:28:16.624189 24.209.196.254:4332 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27526 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5ECC45B  Ack: 0x11BD8B78  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-18:28:16.632299 24.209.196.254:4332 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27527 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5ECCA0F  Ack: 0x11BD8B78  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-18:52:05.505742 24.209.196.254:4089 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20305 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8C69435B  Ack: 0x6BFF79EC  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-18:52:05.513742 24.209.196.254:4089 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20306 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8C69490F  Ack: 0x6BFF79EC  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:37:42.272432 24.209.196.254:4007 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:22821 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x59BDB2A9  Ack: 0x798B061  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:37:42.273759 24.209.196.254:4007 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:22822 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x59BDB85D  Ack: 0x798B061  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-22:59:58.452148 24.209.196.254:2807 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29099 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x824A10B2  Ack: 0xD301AD1A  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-22:59:58.453400 24.209.196.254:2807 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29100 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x824A1666  Ack: 0xD301AD1A  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/22-20:16:19.991922 24.209.196.254:4201 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6546 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8B4C4246  Ack: 0x27F1AFA0  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/22-20:16:19.993177 24.209.196.254:4201 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6547 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8B4C47FA  Ack: 0x27F1AFA0  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/22-22:17:19.238602 24.209.196.254:3007 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15995 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x14A4BDEF  Ack: 0xF232CA7C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/22-22:17:19.246747 24.209.196.254:3007 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:15996 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x14A4C3A3  Ack: 0xF232CA7C  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-21:15:27.405652 24.209.196.254:4927 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42780 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAA64F0CA  Ack: 0x476B1641  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-21:15:27.413733 24.209.196.254:4927 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42781 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAA64F67E  Ack: 0x476B1641  Win: 0x4470  TcpLen: 20

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-21:47:06.500861 24.209.196.254:1797 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:9468 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5D0A90B3  Ack: 0xBE40EA41  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-16:30:39.557872 24.209.196.254:2680 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20897 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x17D38102  Ack: 0x5482FD0E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-16:30:39.565802 24.209.196.254:2680 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20898 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x17D386B6  Ack: 0x5482FD0E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-18:16:08.733330 24.209.196.254:3230 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:23532 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5F1B0FC6  Ack: 0xE13EEDCE  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-18:16:08.741554 24.209.196.254:3230 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:23533 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5F1B157A  Ack: 0xE13EEDCE  Win: 0x4470  TcpLen: 20

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-18:29:12.932053 24.209.196.254:4160 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:21275 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA61957A5  Ack: 0x1396F842  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-19:57:01.983332 24.209.196.254:4236 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29047 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x68AB5B6C  Ack: 0x5E7A3C41  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-19:57:01.991285 24.209.196.254:4236 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29048 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x68AB6120  Ack: 0x5E7A3C41  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-20:51:44.302550 24.209.196.254:4822 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:64822 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7053E341  Ack: 0x2E08A86C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-20:51:50.074993 24.209.196.254:4822 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:65259 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7053E341  Ack: 0x2E08A86C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-20:51:50.117857 24.209.196.254:4822 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:65262 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7053E8F5  Ack: 0x2E08A86C  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-15:49:49.430278 24.209.196.254:2551 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:39027 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3062D83A  Ack: 0x38D1452F  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-15:49:49.431561 24.209.196.254:2551 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:39028 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3062DDEE  Ack: 0x38D1452F  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-17:28:28.701628 24.209.196.254:2814 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1408 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x618CDD4  Ack: 0xADEA703A  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-17:28:34.794480 24.209.196.254:2814 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1841 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x618D388  Ack: 0xADEA703A  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-17:34:37.118288 24.209.196.254:3224 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27630 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2354E4C6  Ack: 0xC5757218  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-17:34:37.126442 24.209.196.254:3224 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27631 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2354EA7A  Ack: 0xC5757218  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-18:06:20.675146 24.209.196.254:1160 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:28302 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB4C1687D  Ack: 0x3C870F1B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-18:06:20.676483 24.209.196.254:1160 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:28303 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB4C16E31  Ack: 0x3C870F1B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-20:07:01.861451 24.209.196.254:2500 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:58062 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC0EEDB6B  Ack: 0x4305F40  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-20:07:01.896278 24.209.196.254:2500 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:58063 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC0EEE11F  Ack: 0x4305F40  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-18:17:48.984607 24.209.196.254:1657 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47042 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA97FFAEB  Ack: 0x27E9134A  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-18:17:48.992983 24.209.196.254:1657 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:47043 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA980009F  Ack: 0x27E9134A  Win: 0x4470  TcpLen: 20

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-23:17:39.262210 24.209.196.254:4858 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:62419 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDD25C033  Ack: 0x935BE510  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-21:35:22.917826 24.209.196.254:4555 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20089 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xABDDFD84  Ack: 0x517FD7CC  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-21:35:22.919276 24.209.196.254:4555 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20090 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xABDE0338  Ack: 0x517FD7CC  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-18:04:33.581976 24.209.196.254:3724 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:22300 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA7C5049  Ack: 0x7533CE2E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-18:04:33.590155 24.209.196.254:3724 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:22301 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA7C55FD  Ack: 0x7533CE2E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-19:44:53.654121 24.209.196.254:3085 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:9664 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x32CD0E7C  Ack: 0xEF58D116  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-19:44:53.681260 24.209.196.254:3085 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:9665 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x32CD1430  Ack: 0xEF58D116  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-22:10:53.450534 24.209.196.254:4460 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:40649 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x31F4EF75  Ack: 0x165888D2  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-22:10:53.488389 24.209.196.254:4460 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:40651 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x31F4F529  Ack: 0x165888D2  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/01-23:47:14.117230 24.209.196.254:4015 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:64696 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x669EE4BA  Ack: 0xC2101176  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/01-23:47:14.147567 24.209.196.254:4015 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:64697 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x669EEA6E  Ack: 0xC2101176  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-00:47:57.926861 24.209.196.254:2131 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42095 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB2AFDB1D  Ack: 0xA870EE3A  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-00:48:03.936638 24.209.196.254:2131 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42594 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB2AFE0D1  Ack: 0xA870EE3A  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-19:30:52.048572 24.209.196.254:2429 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:11706 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCF76054A  Ack: 0x3918BB1D  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-19:30:52.110669 24.209.196.254:2429 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:11710 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCF760AFE  Ack: 0x3918BB1D  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-20:40:45.608861 24.209.196.254:1680 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:50311 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60FAC816  Ack: 0x4259CFA2  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-20:40:45.617375 24.209.196.254:1680 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:50312 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60FACDCA  Ack: 0x4259CFA2  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-12:12:18.744844 24.209.196.254:4122 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:60104 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFBBAB44D  Ack: 0xC057F7B0  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-12:12:18.746122 24.209.196.254:4122 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:60105 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFBBABA01  Ack: 0xC057F7B0  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-12:38:03.190363 24.209.196.254:4300 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:50955 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x843D1A61  Ack: 0x215C52FE  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-12:38:03.202522 24.209.196.254:4300 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:50956 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x843D2015  Ack: 0x215C52FE  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-14:44:02.715696 24.209.196.254:4762 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:48307 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1321FC89  Ack: 0xFE3B935F  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-14:44:02.716993 24.209.196.254:4762 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:48308 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1322023D  Ack: 0xFE3B935F  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-14:47:00.061848 24.209.196.254:1084 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:61431 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x21D95DFD  Ack: 0x890AAF8  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-14:47:00.093795 24.209.196.254:1084 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:61432 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x21D963B1  Ack: 0x890AAF8  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-15:24:45.805888 24.209.196.254:3586 -> 192.168.1.6:80
TCP TTL:120 TOS:0x0 ID:32186 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDC8892E4  Ack: 0x96EB6F32  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-15:24:45.807169 24.209.196.254:3586 -> 192.168.1.6:80
TCP TTL:120 TOS:0x0 ID:32187 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDC889898  Ack: 0x96EB6F32  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-15:28:08.446772 24.209.196.254:4366 -> 192.168.1.6:80
TCP TTL:120 TOS:0x0 ID:46972 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xECF16867  Ack: 0xA42F927B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-15:28:08.448069 24.209.196.254:4366 -> 192.168.1.6:80
TCP TTL:120 TOS:0x0 ID:46973 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xECF16E1B  Ack: 0xA42F927B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-19:57:32.165641 24.209.196.254:1270 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43993 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD002FCE8  Ack: 0x9DBC924B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-19:57:32.212616 24.209.196.254:1270 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43994 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD003029C  Ack: 0x9DBC924B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-21:09:44.223438 24.209.196.254:4427 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:51173 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3021113  Ack: 0xAD90DC2D  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-21:09:44.296490 24.209.196.254:4427 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:51177 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x30216C7  Ack: 0xAD90DC2D  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-19:27:22.972916 24.209.196.254:4047 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:21955 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2DBE808E  Ack: 0x6B2B51E8  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-19:27:22.974260 24.209.196.254:4047 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:21956 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2DBE8642  Ack: 0x6B2B51E8  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-20:54:44.809215 24.209.196.254:1255 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:33109 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF331786E  Ack: 0xB5DEF524  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-20:54:44.816844 24.209.196.254:1255 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:33110 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF3317E22  Ack: 0xB5DEF524  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-22:10:20.580233 24.209.196.254:4121 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42040 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6F20BEFB  Ack: 0xD367309C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-22:10:20.587799 24.209.196.254:4121 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42041 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6F20C4AF  Ack: 0xD367309C  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-23:00:29.233436 24.209.196.254:2110 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:64720 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x607FFBCD  Ack: 0x8FF11AA1  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-23:00:29.264392 24.209.196.254:2110 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:64721 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60800181  Ack: 0x8FF11AA1  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/11-20:54:14.623484 24.209.196.254:2581 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43357 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x378BE7A0  Ack: 0xB2E13496  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/11-20:54:14.631200 24.209.196.254:2581 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43358 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x378BED54  Ack: 0xB2E13496  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/11-20:54:26.015552 24.209.196.254:2725 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44361 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x38042173  Ack: 0xB2F48C4E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/11-20:54:26.042846 24.209.196.254:2725 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44375 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x38042727  Ack: 0xB2F48C4E  Win: 0x4470  TcpLen: 20

Go to: overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:54 2003

24.209.196.254	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade