SnortSnarf alert page

Source: 130.54.208.193: #401-500

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 10:22:03.201594 on 05/22/2010
Latest: 08:46:02.037392 on 05/30/2010

9 different signatures are present for 130.54.208.193 as a source

3 instances of IMAP authenticate overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of (http_inspect) OVERSIZE CHUNK ENCODING
5 instances of (http_inspect) BARE BYTE UNICODE ENCODING
9 instances of WEB-MISC http directory traversal
9 instances of WEB-MISC Invalid HTTP Version String
13 instances of WEB-PHP test.php access
223 instances of IMAP status overflow attempt
428 instances of IMAP fetch overflow attempt

There are 1 distinct destination IPs in the alerts of the type on this page.

130.54.208.193 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

Go to: previous range, next range, all alerts, overview page

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:22:03.201594 130.54.208.193:33711 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1451
***AP*** Seq: 0x8BC145D8  Ack: 0xFB0D7863  Win: 0x3624  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:51:41.095518 130.54.208.193:33711 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1501
***AP*** Seq: 0xFB0D8BC9  Ack: 0x8BC15150  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:51:43.635684 130.54.208.193:33711 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:592
***AP*** Seq: 0xFB0D9DDB  Ack: 0x8BC15378  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:51:51.310318 130.54.208.193:33711 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:503
***AP*** Seq: 0x8BC1539F  Ack: 0xFB0D9F28  Win: 0x56A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:58:02.907383 130.54.208.193:33724 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:548
***AP*** Seq: 0xE226B8C9  Ack: 0x6A0B169F  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-10:58:06.230271 130.54.208.193:33724 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:982
***AP*** Seq: 0xE226BE66  Ack: 0x6A0B1A4D  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-11:30:50.393677 130.54.208.193:33724 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1490
***AP*** Seq: 0xE226E784  Ack: 0x6A0B27C3  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-11:30:55.467913 130.54.208.193:33724 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1471
***AP*** Seq: 0x6A0B2A2B  Ack: 0xE226F11B  Win: 0x71B2  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/22-12:01:17.107498 130.54.208.193:4922 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:470
***AP*** Seq: 0xF404FC73  Ack: 0xD1AA69BC  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-18:04:44.043266 130.54.208.193:36106 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:309
***AP*** Seq: 0x2CD21BFF  Ack: 0xD0B2AD16  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/22-18:04:44.428165 130.54.208.193:36106 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:265
***AP*** Seq: 0x2CD21D3E  Ack: 0xD0B2ADF7  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-08:27:57.227586 130.54.208.193:33756 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:245
***AP*** Seq: 0xD1058DFD  Ack: 0x6C381ADD  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-08:28:00.981960 130.54.208.193:33756 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:225
***AP*** Seq: 0xD10642F3  Ack: 0x6C381B96  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-08:28:03.178276 130.54.208.193:33756 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:21650 IpLen:20 DgmLen:261 DF
***AP*** Seq: 0x6C381C4F  Ack: 0xD10676F5  Win: 0x7C86  TcpLen: 32
TCP Options (3) => NOP NOP TS: 69318804 387823968 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-08:42:36.922390 130.54.208.193:33756 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2938
***AP*** Seq: 0xD107C288  Ack: 0x6C384297  Win: 0x3240  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/23-08:51:46.483782 130.54.208.193:1814 -> 192.168.24.11:80
TCP TTL:111 TOS:0x0 ID:59401 IpLen:20 DgmLen:699 DF
***AP*** Seq: 0x1E16B74C  Ack: 0x3CF77E69  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-09:15:11.264280 130.54.208.193:33756 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1471
***AP*** Seq: 0x6C3858AD  Ack: 0xD108C584  Win: 0x7C86  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/23-09:42:44.228661 130.54.208.193:2080 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:705
***AP*** Seq: 0xA8193A91  Ack: 0xFD7C7239  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/23-09:43:06.772704 130.54.208.193:2081 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:705
***AP*** Seq: 0xE0A7ECCA  Ack: 0xFEC3F1D0  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/23-14:46:23.204734 130.54.208.193:34146 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1451
***AP*** Seq: 0xC87D84EA  Ack: 0x3D21D647  Win: 0x56A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-08:35:51.065954 130.54.208.193:34540 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:355
***AP*** Seq: 0x2A245606  Ack: 0x96759944  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-08:35:51.725640 130.54.208.193:34540 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:245
***AP*** Seq: 0x2A24C862  Ack: 0x96759A11  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-08:35:52.378372 130.54.208.193:34540 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:254
***AP*** Seq: 0x2A254893  Ack: 0x96759AE7  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-08:36:10.962462 130.54.208.193:34540 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:260
***AP*** Seq: 0x2A254FFD  Ack: 0x96759BC3  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-08:36:12.531764 130.54.208.193:34540 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:479
***AP*** Seq: 0x2A2585DB  Ack: 0x96759D7A  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-11:07:14.298756 130.54.208.193:34599 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1388
***AP*** Seq: 0x33E2E57C  Ack: 0x9C7ED9D9  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:12:41.259787 130.54.208.193:3852 -> 192.168.24.11:80
TCP TTL:111 TOS:0x0 ID:31673 IpLen:20 DgmLen:720 DF
***AP*** Seq: 0xF4BC5542  Ack: 0x8503B0E5  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:19:50.098040 130.54.208.193:3870 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1380
***AP*** Seq: 0xD4731BF9  Ack: 0xA1273118  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:20:12.091052 130.54.208.193:1037 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:724
***AP*** Seq: 0x915C7C63  Ack: 0xA26E1414  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:22:42.955148 130.54.208.193:3880 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:699
***AP*** Seq: 0x3C236B2E  Ack: 0xAB4E60F9  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:23:15.563412 130.54.208.193:3881 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1405
***AP*** Seq: 0x4B49616F  Ack: 0xAD166A38  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-11:23:40.352167 130.54.208.193:3882 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1367
***AP*** Seq: 0xC6648D34  Ack: 0xB04A28FA  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-12:11:36.909659 130.54.208.193:4107 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:699
***AP*** Seq: 0x7D3CC500  Ack: 0x64158ABE  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/24-12:25:20.967875 130.54.208.193:4164 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:705
***AP*** Seq: 0xAF7FE15C  Ack: 0x97B9C68F  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-15:35:12.302852 130.54.208.193:34727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:246
***AP*** Seq: 0x6381E7A0  Ack: 0xC3F785E1  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/24-21:20:36.994280 130.54.208.193:34856 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1167
***AP*** Seq: 0xA4173204  Ack: 0x4D9D16B7  Win: 0x40F8  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1844:9] IMAP authenticate overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-08:27:38.806761 130.54.208.193:35085 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:243
***AP*** Seq: 0x4D38EB72  Ack: 0x90DA25B7  Win: 0x16A0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10292][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0042]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-08:33:23.921421 130.54.208.193:35085 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:204
***AP*** Seq: 0x4D39789B  Ack: 0x90DA2DB9  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-08:33:24.469751 130.54.208.193:35085 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:204
***AP*** Seq: 0x4D39F874  Ack: 0x90DA2E5D  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-08:33:25.250060 130.54.208.193:35085 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:182
***AP*** Seq: 0x4D3A09D2  Ack: 0x90DA2EEB  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-08:33:26.504676 130.54.208.193:35085 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:32288 IpLen:20 DgmLen:261 DF
***AP*** Seq: 0x90DA2F3F  Ack: 0x4D3A3D3E  Win: 0x7C86  TcpLen: 32
TCP Options (3) => NOP NOP TS: 86630775 405136737 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:2152:1] WEB-PHP test.php access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/25-09:12:47.505842 130.54.208.193:1375 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:699
***AP*** Seq: 0xDF71302  Ack: 0xF79A2DEE  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11617]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-17:46:55.466626 130.54.208.193:35308 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1139
***AP*** Seq: 0x839A1222  Ack: 0xB73192CD  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/25-22:37:06.128500 130.54.208.193:35411 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:244
***AP*** Seq: 0x93F4C877  Ack: 0xC0711F3F  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:28:33.672508 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:111 TOS:0x0 ID:1287 IpLen:20 DgmLen:254 DF
***AP*** Seq: 0xA3492485  Ack: 0x82A5BDD3  Win: 0xFFFF  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:28:38.716533 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:286
***AP*** Seq: 0x82A67EAB  Ack: 0xA3492674  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:28:55.036613 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:450
***AP*** Seq: 0x82A69EE4  Ack: 0xA349280E  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:29:07.448198 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:366
***AP*** Seq: 0x82A79489  Ack: 0xA3492954  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:29:27.093457 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:513
***AP*** Seq: 0x82AA6037  Ack: 0xA3492B2D  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:29:57.088814 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:531
***AP*** Seq: 0x82AAAA54  Ack: 0xA3492D18  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:29:59.615596 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:517
***AP*** Seq: 0x82AABBB9  Ack: 0xA3492EF5  Win: 0x25B0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/26-08:33:40.970001 130.54.208.193:1094 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:404
***AP*** Seq: 0x82AB4FF1  Ack: 0xA34930DF  Win: 0x25B0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:23:37.050293 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:246
***AP*** Seq: 0x2B77A7AE  Ack: 0x265E9E2A  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:23:37.514642 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:265
***AP*** Seq: 0x2B77A8ED  Ack: 0x265E9F0B  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:23:38.581692 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:532
***AP*** Seq: 0x2B77ABC5  Ack: 0x265EA0F7  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:23:39.284668 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:322
***AP*** Seq: 0x2B77AD64  Ack: 0x265EA211  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:17.944828 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:629
***AP*** Seq: 0x2B780E90  Ack: 0x265EA45E  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:28.355102 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:270
***AP*** Seq: 0x2B790845  Ack: 0x265EA544  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:28.355102 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:270
***AP*** Seq: 0x2B790845  Ack: 0x265EA544  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:30.164795 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:450
***AP*** Seq: 0x2B7A6900  Ack: 0x265EA6DE  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:30.164795 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:450
***AP*** Seq: 0x2B7A6900  Ack: 0x265EA6DE  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:32.026985 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:450
***AP*** Seq: 0x2B7BAEE4  Ack: 0x265EA878  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:32.026985 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:450
***AP*** Seq: 0x2B7BAEE4  Ack: 0x265EA878  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:33.034898 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:245
***AP*** Seq: 0x2B7D1124  Ack: 0x265EA945  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:35.296579 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:491
***AP*** Seq: 0x2B7F4F8F  Ack: 0x265EAB08  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:37.165776 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:409
***AP*** Seq: 0x2B81545B  Ack: 0x265EAC79  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:41.708583 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:7950 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x265EAE0A  Ack: 0x2B832886  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364284904 433164884 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:44.944295 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:8035 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x265EB092  Ack: 0x2B87283B  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364288140 433165226 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:45.988825 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:8063 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x265EB16A  Ack: 0x2B887D54  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364289185 433165335 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:50.173154 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:8179 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x265EB4CA  Ack: 0x2B8DD834  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364293370 433165749 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:51.264706 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:8209 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x265EB5A2  Ack: 0x2B8F2E59  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364294462 433165864 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:24:53.383175 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:8266 IpLen:20 DgmLen:277 DF
***AP*** Seq: 0x265EB752  Ack: 0x2B91D1C4  Win: 0x3E96  TcpLen: 32
TCP Options (3) => NOP NOP TS: 364296581 433166070 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:03.180410 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:261
***AP*** Seq: 0x2B939839  Ack: 0x265EB912  Win: 0x4F90  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:07.715257 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:362
***AP*** Seq: 0x2B944238  Ack: 0x265EBA54  Win: 0x53C0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:20.318098 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:248
***AP*** Seq: 0x2B94C406  Ack: 0x265EBC04  Win: 0x53C0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:24.274278 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:342
***AP*** Seq: 0x2B957E7E  Ack: 0x265EBF2E  Win: 0x5C20  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:27.613863 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:337
***AP*** Seq: 0x2B9643DB  Ack: 0x265EC122  Win: 0x6050  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-14:25:32.523927 130.54.208.193:50047 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:433
***AP*** Seq: 0x2B96E3F8  Ack: 0x265EC2AB  Win: 0x6050  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-15:05:37.627390 130.54.208.193:49222 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1700
***AP*** Seq: 0xC717E988  Ack: 0xC278BAFE  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/28-15:05:41.562533 130.54.208.193:49222 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:569
***AP*** Seq: 0xC7188251  Ack: 0xC278BD0F  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/29-11:04:43.736197 130.54.208.193:40853 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1451
***AP*** Seq: 0x2F980DC  Ack: 0x51BA1D  Win: 0x3E96  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/29-13:35:43.589977 130.54.208.193:53996 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:260
***AP*** Seq: 0xA5291289  Ack: 0xA7B372B0  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/29-14:45:41.138975 130.54.208.193:38267 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:820
***AP*** Seq: 0xB4BB7FB1  Ack: 0xB7D35E9D  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:02.663505 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:449
***AP*** Seq: 0x9A9ACD10  Ack: 0xA3A5739D  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:03.520750 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:337
***AP*** Seq: 0x9A9ACEB9  Ack: 0xA3A574C6  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:04.296216 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x9A9AD054  Ack: 0xA3A575DB  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:04.922422 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:322
***AP*** Seq: 0x9A9AD1EF  Ack: 0xA3A576F5  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:05.814933 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:384
***AP*** Seq: 0x9A9AD3F8  Ack: 0xA3A5784D  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:33.757795 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:413
***AP*** Seq: 0x9A9AEE0A  Ack: 0xA3A579C2  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:40.799956 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:311
***AP*** Seq: 0x9A9B1088  Ack: 0xA3A57AD1  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:40.799956 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:311
***AP*** Seq: 0x9A9B1088  Ack: 0xA3A57AD1  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:42.039554 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:327
***AP*** Seq: 0x9A9CD9E2  Ack: 0xA3A57BF0  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:42.039554 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:327
***AP*** Seq: 0x9A9CD9E2  Ack: 0xA3A57BF0  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:44.021528 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:266
***AP*** Seq: 0x9A9D5A92  Ack: 0xA3A57CD2  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:44.560755 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:333
***AP*** Seq: 0x9A9D900D  Ack: 0xA3A57DF7  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:50.737942 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:459
***AP*** Seq: 0x9A9E6007  Ack: 0xA3A57F9A  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:50.737942 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:459
***AP*** Seq: 0x9A9E6007  Ack: 0xA3A57F9A  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:58.871254 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:268
***AP*** Seq: 0x9A9E7233  Ack: 0xA3A5807E  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:45:59.347406 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:336
***AP*** Seq: 0x9A9E7906  Ack: 0xA3A581A6  Win: 0x25B0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/30-08:46:02.037392 130.54.208.193:41727 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:270
***AP*** Seq: 0x9A9EFB38  Ack: 0xA3A5828C  Win: 0x25B0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:21 2010

130.54.208.193	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade