[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/17-14:13:33.850462 24.209.45.21:4313 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:62325 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x307C53F7 Ack: 0x9025F319 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/17-14:13:33.881052 24.209.45.21:4313 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:62326 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x307C59AB Ack: 0x9025F319 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/17-22:29:52.407821 24.209.45.21:4987 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57394 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xC9404FE9 Ack: 0xE198C28A Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/17-22:29:52.446065 24.209.45.21:4987 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57395 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xC940559D Ack: 0xE198C28A Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/18-00:11:37.817924 24.209.45.21:3569 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:28851 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x779E395E Ack: 0x61ED801C Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/18-00:11:37.849052 24.209.45.21:3569 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:28852 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x779E3F12 Ack: 0x61ED801C Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/18-06:53:17.389207 24.209.45.21:4204 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:53197 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x38B0A806 Ack: 0x4FE81455 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/18-06:53:17.420407 24.209.45.21:4204 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:53198 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x38B0ADBA Ack: 0x4FE81455 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/18-10:36:10.604921 24.209.45.21:4572 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57389 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECAA1B32 Ack: 0x98B64CE1 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/18-10:36:10.637057 24.209.45.21:4572 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57390 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECAA20E6 Ack: 0x98B64CE1 Win: 0x4470 TcpLen: 20 |