[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-03:12:20.656488 24.209.49.251:1345 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:65218 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x482644FE Ack: 0x47BD3111 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-03:12:20.686906 24.209.49.251:1345 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:65219 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x48264AB2 Ack: 0x47BD3111 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-05:19:25.855970 24.209.49.251:4161 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:7426 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECCFFCC8 Ack: 0x27D4A2C7 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-05:19:25.886477 24.209.49.251:4161 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:7427 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xECD0027C Ack: 0x27D4A2C7 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-07:10:48.147792 24.209.49.251:2265 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31606 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x19DA2D29 Ack: 0xCD6D2391 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-07:10:48.178322 24.209.49.251:2265 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31607 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x19DA32DD Ack: 0xCD6D2391 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-09:24:51.543585 24.209.49.251:1248 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:36993 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x87CA8AB4 Ack: 0xC69AF35E Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-09:24:51.574553 24.209.49.251:1248 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:36994 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x87CA9068 Ack: 0xC69AF35E Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-10:28:17.014756 24.209.49.251:4841 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:10812 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x9F3FFEBD Ack: 0xB6A72A11 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-10:28:17.044738 24.209.49.251:4841 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:10813 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x9F400471 Ack: 0xB6A72A11 Win: 0x4470 TcpLen: 20 |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-10:36:57.791133 24.209.49.251:3631 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:42820 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xC5187239 Ack: 0xD8281D08 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-11:09:11.163963 24.209.49.251:4033 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31643 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x52F9B4AA Ack: 0x51830B71 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-11:09:11.206162 24.209.49.251:4033 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31644 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x52F9BA5E Ack: 0x51830B71 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-11:52:53.745119 24.209.49.251:1943 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:60772 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x10CDF572 Ack: 0xF6A2667B Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-11:52:53.814646 24.209.49.251:1943 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:60773 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x10CDFB26 Ack: 0xF6A2667B Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-14:57:34.338522 24.209.49.251:1045 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57327 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x18AC9678 Ack: 0xAFA1CA2C Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-14:57:34.368152 24.209.49.251:1045 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:57328 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x18AC9C2C Ack: 0xAFA1CA2C Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-15:14:49.264482 24.209.49.251:4506 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:49797 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5E45F62E Ack: 0xF11DFDEF Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-15:14:49.310941 24.209.49.251:4506 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:49798 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5E45FBE2 Ack: 0xF11DFDEF Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-18:07:00.946208 24.209.49.251:3278 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:1941 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF3DBD73D Ack: 0x7C0B84A6 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-18:07:01.018841 24.209.49.251:3278 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:1942 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF3DBDCF1 Ack: 0x7C0B84A6 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-20:26:37.868255 24.209.49.251:3528 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:53749 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD2A4005E Ack: 0x8B0C5C51 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-20:26:37.899111 24.209.49.251:3528 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:53750 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD2A40612 Ack: 0x8B0C5C51 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/08-20:32:46.564788 24.209.49.251:4745 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:3637 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xE67DAA69 Ack: 0xA2ABE789 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/08-20:32:46.600985 24.209.49.251:4745 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:3638 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xE67DB01D Ack: 0xA2ABE789 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/09-10:24:50.616024 24.209.49.251:1778 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:17896 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xE065465F Ack: 0xEA17F688 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/09-10:24:50.651687 24.209.49.251:1778 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:17897 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xE0654C13 Ack: 0xEA17F688 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/09-11:58:35.536635 24.209.49.251:4990 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:34732 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xBF55B340 Ack: 0x4C872A1E Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/09-11:58:35.594998 24.209.49.251:4990 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:34733 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xBF55B8F4 Ack: 0x4C872A1E Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/09-14:34:18.344499 24.209.49.251:1861 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:60266 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x1AEEECA6 Ack: 0x98F5FD59 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/09-14:34:18.378875 24.209.49.251:1861 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:60267 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x1AEEF25A Ack: 0x98F5FD59 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/09-14:43:37.404016 24.209.49.251:1891 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:6344 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2E295759 Ack: 0xBC2A490D Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/09-14:43:37.433046 24.209.49.251:1891 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:6345 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x2E295D0D Ack: 0xBC2A490D Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/09-18:46:22.601680 24.209.49.251:4234 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31229 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x108FF045 Ack: 0x50608224 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/09-18:46:22.617147 24.209.49.251:4234 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:31230 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x108FF5F9 Ack: 0x50608224 Win: 0x4470 TcpLen: 20 |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/10-18:16:19.618200 24.209.49.251:2384 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:5220 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xB49C1F16 Ack: 0x1E9AF7C1 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/11-15:06:22.858374 24.209.49.251:3949 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:8212 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xEF15633C Ack: 0x90389EC4 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/11-15:06:22.891851 24.209.49.251:3949 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:8213 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xEF1568F0 Ack: 0x90389EC4 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/11-15:33:23.017545 24.209.49.251:2962 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:16837 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF3B0529 Ack: 0xF628CB8B Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/11-15:33:23.050320 24.209.49.251:2962 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:16838 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xF3B0ADD Ack: 0xF628CB8B Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/12-19:50:27.121761 24.209.49.251:2121 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:26167 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5C170BF0 Ack: 0x1AEE950 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/12-19:50:27.152278 24.209.49.251:2121 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:26168 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5C1711A4 Ack: 0x1AEE950 Win: 0x4470 TcpLen: 20 |