[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/01-00:19:55.190567 24.239.142.141:4754 -> 192.168.1.6:80 TCP TTL:113 TOS:0x0 ID:6833 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x42B9AF0 Ack: 0xB4A8A119 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/01-00:19:55.221357 24.239.142.141:4754 -> 192.168.1.6:80 TCP TTL:113 TOS:0x0 ID:6834 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x42BA0A4 Ack: 0xB4A8A119 Win: 0x4470 TcpLen: 20 |
[**] [1:1243:8] WEB-IIS ISAPI .ida attempt [**] [Classification: Web Application Attack] [Priority: 1] 05/05-00:34:14.205249 24.239.142.141:2213 -> 192.168.1.6:80 TCP TTL:114 TOS:0x0 ID:31752 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x37957A61 Ack: 0xE9403176 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0071][Xref => http://www.securityfocus.com/bid/1065][Xref => http://www.whitehats.com/info/IDS552] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 05/05-00:34:14.247447 24.239.142.141:2213 -> 192.168.1.6:80 TCP TTL:114 TOS:0x0 ID:31753 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x37958015 Ack: 0xE9403176 Win: 0x4470 TcpLen: 20 |