[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/03-22:38:58.338179 24.209.34.185:3254 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:14450 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5715023 Ack: 0x40D1DA93 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/03-22:38:58.361060 24.209.34.185:3254 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:14451 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x57155D7 Ack: 0x40D1DA93 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/03-23:16:13.141858 24.209.34.185:3789 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:1486 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCFD7CD26 Ack: 0xCC50A505 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/03-23:16:13.181521 24.209.34.185:3789 -> 192.168.1.6:80 TCP TTL:120 TOS:0x0 ID:1487 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCFD7D2DA Ack: 0xCC50A505 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/04-01:10:59.142757 24.209.34.185:1941 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:49092 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2E0FE74F Ack: 0x7F4D505A Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/04-01:10:59.165121 24.209.34.185:1941 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:49093 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2E0FED03 Ack: 0x7F4D505A Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/04-04:50:25.147705 24.209.34.185:2119 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:7715 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x53B12313 Ack: 0xBB0D94DD Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/04-04:50:25.170224 24.209.34.185:2119 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:7716 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x53B128C7 Ack: 0xBB0D94DD Win: 0x4470 TcpLen: 20 |