SnortSnarf alert page

Source: 24.209.98.148

SnortSnarf v021111.1

Signature section (91123)

Top 20 source IPs

Top 20 dest IPs

125 such alerts found using input module SnortFileInput, with sources:

/home/rivettmj/snort_alertlog/alert

Earliest: 17:24:23.347387 on 05/01/2003
Latest: 17:05:59.660073 on 06/15/2003

2 different signatures are present for 24.209.98.148 as a source

62 instances of WEB-IIS ISAPI .ida attempt
63 instances of WEB-IIS cmd.exe access

There are 1 distinct destination IPs in the alerts of the type on this page.

24.209.98.148 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

Go to: overview page

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/01-17:24:23.347387 24.209.98.148:3213 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:4725 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x39C6A2A  Ack: 0xD395D3A5  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/01-17:24:23.374505 24.209.98.148:3213 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:4726 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x39C6FDE  Ack: 0xD395D3A5  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-16:56:19.400706 24.209.98.148:4397 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:26023 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1110C2BD  Ack: 0x682466F0  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-16:56:19.412852 24.209.98.148:4397 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:26024 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1110C871  Ack: 0x682466F0  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-17:02:46.954276 24.209.98.148:3172 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:9718 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3597B0C4  Ack: 0x80120D66  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/05-17:02:46.962652 24.209.98.148:3172 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:9719 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x3597B678  Ack: 0x80120D66  Win: 0xFAF0  TcpLen: 20

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-12:31:20.069422 24.209.98.148:1094 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:13398 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCF4036E  Ack: 0xBCE9302B  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:37:23.969307 24.209.98.148:4967 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:40009 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9334C244  Ack: 0xB670B53B  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/10-13:37:23.982587 24.209.98.148:4967 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:40010 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9334C7F8  Ack: 0xB670B53B  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-19:31:33.814760 24.209.98.148:2706 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:18190 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4E0C0A49  Ack: 0x2F7B0135  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-19:31:33.843866 24.209.98.148:2706 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:18191 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4E0C0FFD  Ack: 0x2F7B0135  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-20:36:10.360555 24.209.98.148:4863 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:7841 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9C99C54E  Ack: 0x23E10573  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/11-20:36:10.390167 24.209.98.148:4863 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:7842 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9C99CB02  Ack: 0x23E10573  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/12-18:06:13.712062 24.209.98.148:3812 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:40493 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4A135B10  Ack: 0x2D3D7E69  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/12-18:06:13.740534 24.209.98.148:3812 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:40494 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x4A1360C4  Ack: 0x2D3D7E69  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/12-18:17:02.226850 24.209.98.148:2356 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42407 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x889ED1A4  Ack: 0x573C12DE  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/12-18:17:02.250234 24.209.98.148:2356 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42408 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x889ED758  Ack: 0x573C12DE  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-17:31:02.381535 24.209.98.148:1938 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:63181 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA3FD61FE  Ack: 0xE8F193B0  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-17:31:02.410216 24.209.98.148:1938 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:63182 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA3FD67B2  Ack: 0xE8F193B0  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-18:26:15.397446 24.209.98.148:1962 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:12673 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE6FC9A74  Ack: 0xB839FBD1  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-18:26:15.433578 24.209.98.148:1962 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:12674 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE6FCA028  Ack: 0xB839FBD1  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-20:23:19.556083 24.209.98.148:3226 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:14684 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7509CFA2  Ack: 0x7234A3D8  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/13-20:23:19.576479 24.209.98.148:3226 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:14685 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7509D556  Ack: 0x7234A3D8  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/14-19:30:35.490586 24.209.98.148:4424 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42539 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE4600D72  Ack: 0xEB3E614F  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/14-19:30:35.521823 24.209.98.148:4424 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42540 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE4601326  Ack: 0xEB3E614F  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-15:54:22.689747 24.209.98.148:3032 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:49035 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DBF11E1  Ack: 0xCD3F36E4  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-15:54:22.697674 24.209.98.148:3032 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:49036 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DBF1795  Ack: 0xCD3F36E4  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-15:58:29.746686 24.209.98.148:2324 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:8548 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA624A42B  Ack: 0xDC6757AF  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-15:58:29.779947 24.209.98.148:2324 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:8549 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA624A9DF  Ack: 0xDC6757AF  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-22:07:22.689129 24.209.98.148:4578 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:28303 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE6C74913  Ack: 0x4D5C9DDF  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/16-22:07:22.718714 24.209.98.148:4578 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:28304 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE6C74EC7  Ack: 0x4D5C9DDF  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-12:48:43.158026 24.209.98.148:4366 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42820 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5B54D4F5  Ack: 0x4F338880  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-12:48:43.167642 24.209.98.148:4366 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:42821 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x5B54DAA9  Ack: 0x4F338880  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:00:33.828606 24.209.98.148:1257 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:56866 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA160C927  Ack: 0x7BE24ADB  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:00:33.848753 24.209.98.148:1257 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:56867 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA160CEDB  Ack: 0x7BE24ADB  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:37:20.597746 24.209.98.148:1636 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:29620 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x79BB084D  Ack: 0x6420B8D  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-13:37:20.619425 24.209.98.148:1636 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:29621 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x79BB0E01  Ack: 0x6420B8D  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-15:24:43.581946 24.209.98.148:1437 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:55819 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCBB4D212  Ack: 0x9BA1E096  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-15:24:43.610067 24.209.98.148:1437 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:55820 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xCBB4D7C6  Ack: 0x9BA1E096  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-15:29:32.848301 24.209.98.148:4806 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:12524 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE4D7DF86  Ack: 0xAEEDFB6C  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/17-15:29:32.879879 24.209.98.148:4806 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:12525 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE4D7E53A  Ack: 0xAEEDFB6C  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-12:28:39.626331 24.209.98.148:3489 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:9776 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEDB11B90  Ack: 0x43C73427  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-12:28:39.649853 24.209.98.148:3489 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:9777 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEDB12144  Ack: 0x43C73427  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-13:24:16.625890 24.209.98.148:3245 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:41909 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x30047463  Ack: 0x14564050  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-13:24:16.655863 24.209.98.148:3245 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:41910 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x30047A17  Ack: 0x14564050  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-14:20:33.586455 24.209.98.148:2423 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:33060 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x708AF29F  Ack: 0xE9753F78  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-14:20:33.605824 24.209.98.148:2423 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:33061 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x708AF853  Ack: 0xE9753F78  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-15:26:54.537955 24.209.98.148:1686 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:53626 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF2E39C1E  Ack: 0xE47A32EC  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/18-15:26:54.549422 24.209.98.148:1686 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:53627 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF2E3A1D2  Ack: 0xE47A32EC  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-18:22:19.773810 24.209.98.148:2430 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:25005 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB1E18140  Ack: 0xBA4A55C2  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-18:22:19.803684 24.209.98.148:2430 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:25006 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB1E186F4  Ack: 0xBA4A55C2  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-18:58:37.714043 24.209.98.148:1250 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:20893 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x84A232C9  Ack: 0x43E188AA  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/19-18:58:37.749350 24.209.98.148:1250 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:20894 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x84A2387D  Ack: 0x43E188AA  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-19:48:44.352589 24.209.98.148:3646 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:54542 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1B6F699  Ack: 0x80B365CE  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-19:48:44.378030 24.209.98.148:3646 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:54543 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x1B6FC4D  Ack: 0x80B365CE  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-20:27:14.863725 24.209.98.148:4512 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:58504 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE8EC4697  Ack: 0x11D3D095  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-20:27:14.892999 24.209.98.148:4512 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:58505 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xE8EC4C4B  Ack: 0x11D3D095  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-20:32:15.449670 24.209.98.148:1286 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:25704 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x657838F  Ack: 0x24FB6F60  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/21-20:32:15.489098 24.209.98.148:1286 -> 192.168.1.6:80
TCP TTL:54 TOS:0x0 ID:25705 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6578943  Ack: 0x24FB6F60  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-15:39:23.425134 24.209.98.148:2959 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:14953 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC608C2C7  Ack: 0x51AC4352  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-15:39:23.435867 24.209.98.148:2959 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:14954 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xC608C87B  Ack: 0x51AC4352  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:15:52.360987 24.209.98.148:4227 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6879 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9AC324A9  Ack: 0xDBD2CE9F  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:15:52.373009 24.209.98.148:4227 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6880 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9AC32A5D  Ack: 0xDBD2CE9F  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:34:56.149944 24.209.98.148:2819 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57930 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x831850C  Ack: 0x237F74E6  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/23-16:34:56.190233 24.209.98.148:2819 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57931 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8318AC0  Ack: 0x237F74E6  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-12:23:32.514057 24.209.98.148:4739 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:58496 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9D7C5DBD  Ack: 0xAE01C89A  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/24-12:23:32.548239 24.209.98.148:4739 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:58497 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9D7C6371  Ack: 0xAE01C89A  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-02:16:28.361296 24.209.98.148:2304 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:28371 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB803B6ED  Ack: 0xF8AB2DA4  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-02:16:28.388654 24.209.98.148:2304 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:28372 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB803BCA1  Ack: 0xF8AB2DA4  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-18:38:02.069505 24.209.98.148:1353 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:64940 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEC4B9FFA  Ack: 0x7415DD7D  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/25-18:38:02.107804 24.209.98.148:1353 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:64941 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xEC4BA5AE  Ack: 0x7415DD7D  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-21:44:30.108381 24.209.98.148:4685 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:24076 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6CD1FE5A  Ack: 0x748EF146  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/26-21:44:30.141613 24.209.98.148:4685 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:24077 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x6CD2040E  Ack: 0x748EF146  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/27-18:16:27.229580 24.209.98.148:1888 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6410 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDCD917A  Ack: 0xA12775DC  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/27-18:16:27.289392 24.209.98.148:1888 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6411 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDCD972E  Ack: 0xA12775DC  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/27-19:56:43.973700 24.209.98.148:1929 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:55445 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFCFF48F1  Ack: 0x1C100F7D  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/27-19:56:44.004422 24.209.98.148:1929 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:55446 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFCFF4EA5  Ack: 0x1C100F7D  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-17:50:07.521314 24.209.98.148:1555 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:18554 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x70D3B242  Ack: 0x7F304F6E  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-17:50:07.561523 24.209.98.148:1555 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:18555 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x70D3B7F6  Ack: 0x7F304F6E  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:34:04.215663 24.209.98.148:2216 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:46078 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7262217D  Ack: 0x24C143F1  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:34:04.257247 24.209.98.148:2216 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:46079 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x72622731  Ack: 0x24C143F1  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:35:25.564679 24.209.98.148:4508 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:54900 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7A29D191  Ack: 0x28D05A42  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/28-18:35:25.572961 24.209.98.148:4508 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:54901 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7A29D745  Ack: 0x28D05A42  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-19:39:01.495378 24.209.98.148:2023 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:64189 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DBE1ECE  Ack: 0x59F01F0A  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/29-19:39:01.534185 24.209.98.148:2023 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:64190 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8DBE2482  Ack: 0x59F01F0A  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-16:40:02.874405 24.209.98.148:1968 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:1810 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x324E764B  Ack: 0xF5C459D8  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-16:40:02.898193 24.209.98.148:1968 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:1811 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x324E7BFF  Ack: 0xF5C459D8  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:54:44.482301 24.209.98.148:4753 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6206 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD12459A4  Ack: 0xF7F3478  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:54:44.511787 24.209.98.148:4753 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6207 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD1245F58  Ack: 0xF7F3478  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:55:13.514613 24.209.98.148:1540 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:9124 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD3AF4DFF  Ack: 0x1166B6A1  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-17:55:13.564558 24.209.98.148:1540 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:9125 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD3AF53B3  Ack: 0x1166B6A1  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-18:03:04.101453 24.209.98.148:1812 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:56511 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFD50E779  Ack: 0x2FD8A6DE  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/30-18:03:04.130563 24.209.98.148:1812 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:56512 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFD50ED2D  Ack: 0x2FD8A6DE  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-01:11:27.844378 24.209.98.148:3162 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6229 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDA2A9B12  Ack: 0x82856B76  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
05/31-01:11:27.873973 24.209.98.148:3162 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:6230 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDA2AA0C6  Ack: 0x82856B76  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-22:44:59.148083 24.209.98.148:4304 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:48729 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDF5A143D  Ack: 0x1761FD99  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/02-22:44:59.191531 24.209.98.148:4304 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:48730 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDF5A19F1  Ack: 0x1761FD99  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/03-23:49:51.680217 24.209.98.148:3700 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:17208 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB692D3FC  Ack: 0x4BBF0C80  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/03-23:49:51.706911 24.209.98.148:3700 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:17209 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xB692D9B0  Ack: 0x4BBF0C80  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/05-22:04:23.686022 24.209.98.148:1501 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:36302 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9CA35A95  Ack: 0x3CD1B4DC  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/05-22:04:23.716529 24.209.98.148:1501 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:36303 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x9CA36049  Ack: 0x3CD1B4DC  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-16:17:50.261986 24.209.98.148:2455 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:23177 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60280EBC  Ack: 0x5F5F80DB  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/06-16:17:50.292525 24.209.98.148:2455 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:23178 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x60281470  Ack: 0x5F5F80DB  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-17:39:29.838127 24.209.98.148:2830 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57282 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x684F1E9E  Ack: 0xD462333A  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/07-17:39:29.868006 24.209.98.148:2830 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57283 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x684F2452  Ack: 0xD462333A  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-17:51:10.680121 24.209.98.148:4072 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:58074 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAC49EA51  Ack: 0x8047F872  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-17:51:10.710369 24.209.98.148:4072 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:58075 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xAC49F005  Ack: 0x8047F872  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-18:58:06.372689 24.209.98.148:2035 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:21141 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2CE7618A  Ack: 0x7BF9A2AA  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-18:58:06.413247 24.209.98.148:2035 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:21142 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2CE7673E  Ack: 0x7BF9A2AA  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-20:28:08.530580 24.209.98.148:4830 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:14016 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2D78B4FB  Ack: 0xD0BBCEA7  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-20:28:08.583645 24.209.98.148:4830 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:14017 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x2D78BAAF  Ack: 0xD0BBCEA7  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-21:24:35.656391 24.209.98.148:1138 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57100 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7D1EF53A  Ack: 0xA671661A  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-21:24:35.680175 24.209.98.148:1138 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57101 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x7D1EFAEE  Ack: 0xA671661A  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-23:33:40.382162 24.209.98.148:3209 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:63215 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x71A385FF  Ack: 0x8E20A5A3  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/09-23:33:40.411615 24.209.98.148:3209 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:63216 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x71A38BB3  Ack: 0x8E20A5A3  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-12:40:17.257162 24.209.98.148:2357 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57852 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFFD147C1  Ack: 0x29B62FD5  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-12:40:17.275108 24.209.98.148:2357 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:57853 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xFFD14D75  Ack: 0x29B62FD5  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-19:20:15.121351 24.209.98.148:2526 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:11551 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x96BA5E39  Ack: 0x107710EB  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-19:20:15.146040 24.209.98.148:2526 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:11552 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x96BA63ED  Ack: 0x107710EB  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-23:12:20.618630 24.209.98.148:4354 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:16086 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD3933E9D  Ack: 0x7DA1A8FF  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/10-23:12:20.649678 24.209.98.148:4354 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:16087 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xD3934451  Ack: 0x7DA1A8FF  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/12-17:45:30.913866 24.209.98.148:4211 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:46168 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x31E41C24  Ack: 0x2AAC8FB3  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/12-17:45:30.928002 24.209.98.148:4211 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:46169 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x31E421D8  Ack: 0x2AAC8FB3  Win: 0xFAF0  TcpLen: 20

[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**]
[Classification: Web Application Attack] [Priority: 1] 
06/15-17:05:59.631497 24.209.98.148:2739 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:8228 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDED41C13  Ack: 0x54104576  Win: 0xFAF0  TcpLen: 20
[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552]

[**] [1:1002:5] WEB-IIS cmd.exe access [**]
[Classification: Web Application Attack] [Priority: 1] 
06/15-17:05:59.660073 24.209.98.148:2739 -> 192.168.1.6:80
TCP TTL:55 TOS:0x0 ID:8229 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xDED421C7  Ack: 0x54104576  Win: 0xFAF0  TcpLen: 20

Go to: overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Jun 17 09:03:52 2003

24.209.98.148	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade