[Silicon Defense logo]

SnortSnarf alert page

Source: 24.209.229.123

SnortSnarf v021111.1

Signature section (91123)Top 20 source IPsTop 20 dest IPs

48 such alerts found using input module SnortFileInput, with sources:
Earliest: 12:18:53.285052 on 05/24/2003
Latest: 01:07:11.851106 on 05/29/2003

2 different signatures are present for 24.209.229.123 as a source

There are 1 distinct destination IPs in the alerts of the type on this page.

24.209.229.123 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-12:18:53.285052 24.209.229.123:2946 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:17914 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA9576444 Ack: 0x9CAA7795 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-12:18:53.317432 24.209.229.123:2946 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:17915 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA95769F8 Ack: 0x9CAA7795 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-13:33:48.538972 24.209.229.123:1747 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:26723 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6023B592 Ack: 0xB7F12724 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-13:33:48.574769 24.209.229.123:1747 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:26724 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6023BB46 Ack: 0xB7F12724 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-19:45:50.102865 24.209.229.123:4947 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:6682 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9FFBDA42 Ack: 0x349609B5 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-19:45:50.125634 24.209.229.123:4947 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:6683 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9FFBDFF6 Ack: 0x349609B5 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-21:16:16.723629 24.209.229.123:3200 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:2559 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5F4D2D24 Ack: 0x89BF9908 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/24-21:16:16.749089 24.209.229.123:3200 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:2560 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5F4D32D8 Ack: 0x89BF9908 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/25-14:13:04.316911 24.209.229.123:2014 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:25140 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA77527D4 Ack: 0x8BF36BB5 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/25-14:13:04.356690 24.209.229.123:2014 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:25141 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA7752D88 Ack: 0x8BF36BB5 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:40:44.905220 24.209.229.123:1760 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:27167 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x25C8F5C3 Ack: 0x165FB22E Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:40:44.929792 24.209.229.123:1760 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:27168 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x25C8FB77 Ack: 0x165FB22E Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:43:57.022632 24.209.229.123:3576 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:44819 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x39428773 Ack: 0x22EBE23F Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:43:57.055281 24.209.229.123:3576 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:44820 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x39428D27 Ack: 0x22EBE23F Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:58:07.012977 24.209.229.123:4699 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:55742 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DC40E7D Ack: 0x58DB32F1 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-15:58:07.038584 24.209.229.123:4699 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:55743 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DC41431 Ack: 0x58DB32F1 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-18:11:08.884014 24.209.229.123:1634 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:10883 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDF5EDE73 Ack: 0x4F6EEE29 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/26-18:11:08.914548 24.209.229.123:1634 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:10884 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDF5EE427 Ack: 0x4F6EEE29 Win: 0x4470 TcpLen: 20
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-01:03:27.844793 24.209.229.123:2609 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:15301 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA11B8241 Ack: 0x64903490 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-01:10:54.608210 24.209.229.123:3598 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:54386 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCCED9BB1 Ack: 0x805E735E Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-01:10:54.693044 24.209.229.123:3598 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:54387 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCCEDA165 Ack: 0x805E735E Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:17:04.749559 24.209.229.123:1185 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:33873 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBA6865DF Ack: 0xDF8A1CA1 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:17:04.758678 24.209.229.123:1185 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:33874 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xBA686B93 Ack: 0xDF8A1CA1 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:49:02.804784 24.209.229.123:1330 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:6373 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x772B73F0 Ack: 0x5929ED97 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:49:02.824954 24.209.229.123:1330 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:6374 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x772B79A4 Ack: 0x5929ED97 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:52:46.896965 24.209.229.123:3942 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:26366 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8D6E1F42 Ack: 0x679F6001 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:52:46.910206 24.209.229.123:3942 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:26367 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8D6E24F6 Ack: 0x679F6001 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-16:52:49.924254 24.209.229.123:3942 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:26644 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8D6E1F42 Ack: 0x679F6001 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-17:54:57.425341 24.209.229.123:1566 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:17849 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF1D8AB4E Ack: 0x510740EA Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-17:54:57.458953 24.209.229.123:1566 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:17850 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF1D8B102 Ack: 0x510740EA Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-19:02:32.110750 24.209.229.123:3476 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:8752 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5A1799DA Ack: 0x51007E8E Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-19:02:32.134450 24.209.229.123:3476 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:8753 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5A179F8E Ack: 0x51007E8E Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-19:18:24.500151 24.209.229.123:3446 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:15221 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xABF376AD Ack: 0x8C3C3FD9 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-19:18:24.525609 24.209.229.123:3446 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:15222 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xABF37C61 Ack: 0x8C3C3FD9 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-22:11:23.153356 24.209.229.123:2602 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:28629 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1D64056 Ack: 0x194B34EF Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-22:11:23.179346 24.209.229.123:2602 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:28630 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1D6460A Ack: 0x194B34EF Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-23:35:52.909715 24.209.229.123:3033 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:58873 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDC83B2E4 Ack: 0x58B252B0 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/27-23:35:52.955437 24.209.229.123:3033 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:58874 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDC83B898 Ack: 0x58B252B0 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-15:55:55.450122 24.209.229.123:4426 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:46752 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x89F3145D Ack: 0xCF6C1716 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-15:55:55.480667 24.209.229.123:4426 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:46753 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x89F31A11 Ack: 0xCF6C1716 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-17:12:38.298190 24.209.229.123:2157 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:52409 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x837DCE31 Ack: 0xF16B6EEB Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-17:12:38.324824 24.209.229.123:2157 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:52410 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x837DD3E5 Ack: 0xF16B6EEB Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-17:31:03.453745 24.209.229.123:1626 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:47480 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x479ACEA3 Ack: 0x37665B7C Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-17:31:03.483629 24.209.229.123:1626 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:47481 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x479AD457 Ack: 0x37665B7C Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-22:52:46.855718 24.209.229.123:3295 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:63613 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x335DF7FB Ack: 0xF679C351 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/28-22:52:46.878384 24.209.229.123:3295 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:63614 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x335DFDAF Ack: 0xF679C351 Win: 0x4470 TcpLen: 20
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1]
05/29-01:07:11.829346 24.209.229.123:2320 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:50668 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3C89CFBF Ack: 0xF2018387 Win: 0x4470 TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]
[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1]
05/29-01:07:11.851106 24.209.229.123:2320 -> 192.168.1.6:80
TCP TTL:124 TOS:0x0 ID:50669 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3C89D573 Ack: 0xF2018387 Win: 0x4470 TcpLen: 20
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:54 2003