[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/28-12:34:41.763770 24.209.66.127:2531 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:19857 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x9053A293 Ack: 0xD7CD5787 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/28-12:34:41.770121 24.209.66.127:2531 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:19858 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x9053A847 Ack: 0xD7CD5787 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/28-13:40:34.488852 24.209.66.127:1743 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:11682 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x55A6AF8B Ack: 0xD06F75CF Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/28-13:40:34.495106 24.209.66.127:1743 -> 192.168.1.6:80 TCP TTL:121 TOS:0x0 ID:11683 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x55A6B53F Ack: 0xD06F75CF Win: 0x4470 TcpLen: 20 |