[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-20:46:39.819356 24.209.50.212:1519 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:46595 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x52E18254 Ack: 0x5765248E Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-20:46:39.863961 24.209.50.212:1519 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:46596 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x52E18808 Ack: 0x5765248E Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/06-22:17:22.453881 24.209.50.212:1660 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:61361 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5499CC9C Ack: 0xADC81DDF Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/06-22:17:22.484624 24.209.50.212:1660 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:61362 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x5499D250 Ack: 0xADC81DDF Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-01:10:31.610117 24.209.50.212:1922 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:12349 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x27C34FAC Ack: 0x3C749E7C Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-01:10:31.644408 24.209.50.212:1922 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:12350 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x27C35560 Ack: 0x3C749E7C Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-04:26:25.145300 24.209.50.212:1439 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:47386 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD949CED9 Ack: 0x202D863E Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-04:26:25.173021 24.209.50.212:1439 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:47387 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xD949D48D Ack: 0x202D863E Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 06/07-04:48:29.858814 24.209.50.212:4920 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:33114 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x3D5FA762 Ack: 0x736E60DF Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 06/07-04:48:29.890181 24.209.50.212:4920 -> 192.168.1.6:80 TCP TTL:119 TOS:0x0 ID:33115 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x3D5FAD16 Ack: 0x736E60DF Win: 0x4470 TcpLen: 20 |