SnortSnarf alert page

Source: 24.209.44.83

SnortSnarf v021111.1

Signature section (91123)

Top 20 source IPs

Top 20 dest IPs

72 such alerts found using input module SnortFileInput, with sources:

/home/rivettmj/snort_alertlog/alert

Earliest: 14:11:22.206833 on 05/23/2003
Latest: 17:06:34.303310 on 05/30/2003

2 different signatures are present for 24.209.44.83 as a source

36 instances of WEB-IIS ISAPI .ida attempt
36 instances of WEB-IIS cmd.exe access

There are 1 distinct destination IPs in the alerts of the type on this page.

24.209.44.83 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-14:11:22.206833 24.209.44.83:3455 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6509 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x867DAECE  Ack: 0x67E966C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-14:11:22.239086 24.209.44.83:3455 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:6510 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x867DB482  Ack: 0x67E966C  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:19:38.313895 24.209.44.83:4045 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:24256 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3664E4CD  Ack: 0xE9F0FBBF  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:19:38.345122 24.209.44.83:4045 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:24257 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3664EA81  Ack: 0xE9F0FBBF  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:29:16.348970 24.209.44.83:4484 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1213 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6731C562  Ack: 0xF06A42A  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:29:16.380877 24.209.44.83:4484 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1214 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6731CB16  Ack: 0xF06A42A  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-19:49:51.186722 24.209.44.83:4338 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20642 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1012D65D  Ack: 0x43389F5  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-19:49:51.220075 24.209.44.83:4338 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20643 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1012DC11  Ack: 0x43389F5  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-22:05:54.037896 24.209.44.83:4261 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:51591 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6068C3E  Ack: 0x6547B92  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-22:05:54.077504 24.209.44.83:4261 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:51592 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60691F2  Ack: 0x6547B92  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-17:31:24.876406 24.209.44.83:3225 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:37126 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7D664E4D  Ack: 0x39B542A4  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-17:31:24.910641 24.209.44.83:3225 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:37127 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7D665401  Ack: 0x39B542A4  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-19:24:38.323329 24.209.44.83:4914 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20063 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAB52C81E  Ack: 0xE4E20EBD  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-19:24:38.370235 24.209.44.83:4914 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:20064 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAB52CDD2  Ack: 0xE4E20EBD  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-02:33:56.260028 24.209.44.83:3265 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5245 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8BFD97F2  Ack: 0x3A8686F7  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-02:33:56.290472 24.209.44.83:3265 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5246 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8BFD9DA6  Ack: 0x3A8686F7  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-03:33:59.610800 24.209.44.83:4076 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:4239 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB8C3DB53  Ack: 0x1D3B8E92  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-03:33:59.641815 24.209.44.83:4076 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:4240 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB8C3E107  Ack: 0x1D3B8E92  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-06:42:46.030146 24.209.44.83:3092 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34685 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2526FE3F  Ack: 0xE69DE894  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-06:42:46.058216 24.209.44.83:3092 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34686 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x252703F3  Ack: 0xE69DE894  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-13:41:23.035060 24.209.44.83:3946 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32709 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x318077B5  Ack: 0x1445ECE6  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-13:41:23.065267 24.209.44.83:3946 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32710 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x31807D69  Ack: 0x1445ECE6  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-16:23:28.487123 24.209.44.83:4072 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:26730 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x23F3596E  Ack: 0x78AA194C  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-16:23:28.521597 24.209.44.83:4072 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:26731 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x23F35F22  Ack: 0x78AA194C  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-19:02:38.249352 24.209.44.83:4734 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:11129 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD6BF0F90  Ack: 0xD167E15E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-19:02:38.279831 24.209.44.83:4734 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:11130 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD6BF1544  Ack: 0xD167E15E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-00:46:29.837733 24.209.44.83:4841 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1957 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4199D8A5  Ack: 0xE474DE3B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-00:46:29.869077 24.209.44.83:4841 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:1958 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4199DE59  Ack: 0xE474DE3B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-14:15:24.880739 24.209.44.83:3531 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43787 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE9EFE018  Ack: 0xD3A8AF9E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-14:15:24.910481 24.209.44.83:3531 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:43788 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE9EFE5CC  Ack: 0xD3A8AF9E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-14:43:34.768589 24.209.44.83:4867 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:8937 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1FBB9D43  Ack: 0x3EE27DA6  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-14:43:34.799879 24.209.44.83:4867 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:8938 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1FBBA2F7  Ack: 0x3EE27DA6  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:05:34.950288 24.209.44.83:3104 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31170 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x43093502  Ack: 0xB9C98E81  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:05:34.982734 24.209.44.83:3104 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:31171 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x43093AB6  Ack: 0xB9C98E81  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-15:41:53.418088 24.209.44.83:4191 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29341 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFBEB314E  Ack: 0xDB4E3369  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-15:41:53.450725 24.209.44.83:4191 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29342 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFBEB3702  Ack: 0xDB4E3369  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-16:39:01.307967 24.209.44.83:4103 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:54832 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3828F242  Ack: 0xB1638EA6  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-16:39:01.337765 24.209.44.83:4103 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:54833 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3828F7F6  Ack: 0xB1638EA6  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-20:20:39.655609 24.209.44.83:3063 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:4496 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x79D849A1  Ack: 0xF6EF0391  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-20:20:39.688224 24.209.44.83:3063 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:4497 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x79D84F55  Ack: 0xF6EF0391  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-20:59:46.474762 24.209.44.83:4161 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:28081 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2F45053A  Ack: 0x8AF599F3  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-20:59:46.508131 24.209.44.83:4161 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:28082 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2F450AEE  Ack: 0x8AF599F3  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-21:27:55.813228 24.209.44.83:4225 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:49751 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7B82F9A  Ack: 0xF4C874F7  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-21:27:55.847481 24.209.44.83:4225 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:49752 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD7B8354E  Ack: 0xF4C874F7  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-22:42:28.723277 24.209.44.83:4834 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34022 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7B53EB80  Ack: 0xEAE609F  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-22:42:28.753967 24.209.44.83:4834 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:34023 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7B53F134  Ack: 0xEAE609F  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-22:43:59.567232 24.209.44.83:3228 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:41234 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x836DD5B6  Ack: 0x14D0A36E  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-22:43:59.599015 24.209.44.83:3228 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:41235 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x836DDB6A  Ack: 0x14D0A36E  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-00:34:29.423825 24.209.44.83:3238 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27921 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC8499E17  Ack: 0xB641102B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-00:34:29.456159 24.209.44.83:3238 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:27922 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC849A3CB  Ack: 0xB641102B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-00:41:33.019190 24.209.44.83:4127 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:60374 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xED11A045  Ack: 0xD05F9637  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-00:41:33.051147 24.209.44.83:4127 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:60375 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xED11A5F9  Ack: 0xD05F9637  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:19:44.087934 24.209.44.83:3065 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:30337 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8BE24CA  Ack: 0x271A5984  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:19:44.118087 24.209.44.83:3065 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:30338 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8BE2A7E  Ack: 0x271A5984  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:35:29.517180 24.209.44.83:3142 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29303 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5401D23E  Ack: 0x61A26248  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:35:29.547764 24.209.44.83:3142 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:29304 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5401D7F2  Ack: 0x61A26248  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:36:21.434174 24.209.44.83:4323 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32793 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x580B1C2B  Ack: 0x65389D51  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-03:36:21.464660 24.209.44.83:4323 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:32794 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x580B21DF  Ack: 0x65389D51  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-05:08:39.675182 24.209.44.83:4436 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5253 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x586606B  Ack: 0xC0FC93C6  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-05:08:39.707191 24.209.44.83:4436 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5254 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x586661F  Ack: 0xC0FC93C6  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-08:57:45.730306 24.209.44.83:3168 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5084 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF8C02EAE  Ack: 0x234F63CF  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-08:57:45.762322 24.209.44.83:3168 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:5085 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF8C03462  Ack: 0x234F63CF  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-10:05:00.655434 24.209.44.83:3392 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:38341 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE84B1DB  Ack: 0x21A59537  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-10:05:00.687811 24.209.44.83:3392 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:38342 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE84B78F  Ack: 0x21A59537  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-14:23:57.628609 24.209.44.83:4366 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44751 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE292DDB3  Ack: 0xF3C45859  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-14:23:57.660955 24.209.44.83:4366 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:44752 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE292E367  Ack: 0xF3C45859  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-14:47:01.547750 24.209.44.83:4780 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42387 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x32C7B72B  Ack: 0x4B6BAE2B  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-14:47:01.593828 24.209.44.83:4780 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:42388 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x32C7BCDF  Ack: 0x4B6BAE2B  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-15:22:57.236773 24.209.44.83:3347 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:8807 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAE9D454C  Ack: 0xD1E7C561  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-15:22:57.275234 24.209.44.83:3347 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:8808 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAE9D4B00  Ack: 0xD1E7C561  Win: 0x4470  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:06:34.270677 24.209.44.83:4036 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:26216 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1168948B  Ack: 0x59F77964  Win: 0x4470  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:06:34.303310 24.209.44.83:4036 -> 192.168.1.6:80
TCP TTL:121 TOS:0x0 ID:26217 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x11689A3F  Ack: 0x59F77964  Win: 0x4470  TcpLen: 20

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:53 2003

24.209.44.83	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade