SnortSnarf alert page

Destination: 192.168.24.11: #10001-10100

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 16:37:02.179947 on 05/15/2010
Latest: 23:10:54.569759 on 05/16/2010

31 different signatures are present for 192.168.24.11 as a destination

1 instances of WEB-MISC long basic authorization string
1 instances of WEB-MISC Cisco IOS HTTP configuration attempt
2 instances of SNMP private access udp
2 instances of SNMP public access udp
2 instances of WEB-MISC WebDAV search access
3 instances of WEB-MISC /etc/passwd
3 instances of ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
4 instances of MS-SQL probe response overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of SNMP request udp
4 instances of ATTACK-RESPONSES id check returned root
4 instances of (http_inspect) DOUBLE DECODING ATTACK
5 instances of WEB-PHP remote include path
5 instances of IMAP authenticate overflow attempt
6 instances of WEB-FRONTPAGE /_vti_bin/ access
9 instances of WEB-MISC apache directory disclosure attempt
9 instances of WEB-MISC Chunked-Encoding transfer attempt
13 instances of WEB-PHP test.php access
13 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
17 instances of NETBIOS SMB trans2open buffer overflow attempt
38 instances of WEB-MISC http directory traversal
42 instances of ICMP Destination Unreachable Communication Administratively Prohibited
50 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
57 instances of (http_inspect) OVERSIZE CHUNK ENCODING
85 instances of WEB-IIS view source via translate header
144 instances of WEB-MISC Invalid HTTP Version String
256 instances of IMAP status overflow attempt
347 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING
432 instances of (http_inspect) BARE BYTE UNICODE ENCODING
470 instances of IMAP fetch overflow attempt
14771 instances of WEB-MISC robots.txt access

There are 935 distinct source IPs in the alerts of the type on this page.

192.168.24.11 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.24.11 as an alert source [7 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-16:37:02.179947 72.30.110.28:57924 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1308F9C4  Ack: 0x6B3AFCA0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-16:55:26.417093 72.30.104.210:43055 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8D4DBCD1  Ack: 0xB1048CBC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-17:12:31.371396 72.30.103.225:33506 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFCE2195E  Ack: 0xF108ADB7  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-17:19:13.205456 66.154.102.38:40312 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x7C6FE8FE  Ack: 0x97C4C16  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-17:33:40.156573 72.30.103.225:41899 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4D886D9C  Ack: 0x402A6100  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1042:8] WEB-IIS view source via translate header [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-17:39:05.665211 86.203.89.215:3169 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0x8820B313  Ack: 0x55484A75  Win: 0xFB34  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/1578][Xref => http://www.whitehats.com/info/IDS305]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-18:14:49.110731 66.154.102.38:34176 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x4DF3D7E9  Ack: 0xDB5AA364  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-18:29:19.743489 72.30.103.225:46773 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1FE2745E  Ack: 0x12D752B4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-18:39:41.291570 72.30.103.225:47016 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x46784C52  Ack: 0x39A3A415  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-18:46:56.828901 130.54.208.193:32920 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1320
***AP*** Seq: 0x54DE56C1  Ack: 0xB1E96E69  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:06:50.846391 207.46.98.49:29115 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x31A7C63D  Ack: 0x9F6BEB5D  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-19:07:30.799059 130.54.208.193:32920 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:563
***AP*** Seq: 0x54DF0312  Ack: 0xB1E975D4  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-19:25:06.584746 130.54.208.193:32920 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1451
***AP*** Seq: 0xB1E9763E  Ack: 0x54DF0411  Win: 0x875A  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:26:17.063947 72.30.103.225:32966 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF65F2E00  Ack: 0xE9438307  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:27:13.993156 66.154.102.38:45659 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x5EA8AFFB  Ack: 0xEC4D3331  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:36:19.709267 72.30.103.225:39222 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1CB3D90C  Ack: 0xF5478E9  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:42:31.339437 68.142.250.28:42210 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFFB29104  Ack: 0x268F8817  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-19:47:17.585574 72.30.103.225:38188 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x452318AB  Ack: 0x38DAEC90  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-20:00:30.996968 72.30.103.225:58844 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x77B457E3  Ack: 0x6B13EE73  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-20:17:03.743126 66.154.102.38:34305 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x1ADC63E7  Ack: 0xA8F0CD41  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-20:28:28.275203 68.142.250.28:42170 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xACC74C5B  Ack: 0xD3BCD4DA  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-20:31:09.754221 66.154.102.38:47170 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x5087BAB5  Ack: 0xDE4E7337  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-20:55:49.502909 222.149.252.44:34317 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:199
***AP*** Seq: 0xE9BC29E0  Ack: 0x3A9A944D  Win: 0x888  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-21:10:20.333592 72.30.103.225:45783 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7FA156B1  Ack: 0x71B23AAE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-21:19:13.691120 72.30.103.225:39104 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA184A650  Ack: 0x92D495DF  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-21:37:31.819648 68.142.250.28:42843 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB1A071E6  Ack: 0xD92DDFBC  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-22:01:51.487590 72.30.103.225:33050 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x41737DB9  Ack: 0x33417992  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-22:38:44.377019 68.142.250.28:53195 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x991D77EE  Ack: 0xBE3F436A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-22:38:50.607489 72.30.103.225:52878 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCE501F61  Ack: 0xBE84BD60  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-22:40:10.938026 66.154.102.38:50431 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x3841CC14  Ack: 0xC4962C33  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/15-23:11:30.120510 192.168.24.52:1134 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:5120 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x9769FE00  Ack: 0x3ADE07DE  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-23:40:37.572170 68.142.250.28:50378 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x82590E1F  Ack: 0xA7ED089B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-00:07:10.345178 66.154.102.38:43446 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x80C247B4  Ack: 0xD161684  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-00:27:06.551066 66.154.102.38:33100 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xCBAB8574  Ack: 0x5736611F  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-00:35:33.967709 68.142.250.28:45884 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x51BC3805  Ack: 0x772BF452  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-00:59:16.731459 72.30.104.210:47810 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAFBC9F9C  Ack: 0xD11F9DB4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-01:00:47.924604 66.154.102.38:35383 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x4B8E0870  Ack: 0xD6409897  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-01:08:46.072775 72.30.104.210:52774 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD42F27A9  Ack: 0xF5242453  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-01:14:47.878917 66.154.102.38:47994 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x7EEFAB2A  Ack: 0xBF35A28  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-01:32:07.692488 68.142.250.28:45323 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x27869DF7  Ack: 0x4D07F484  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-01:50:46.297412 66.249.66.39:51447 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:592
***AP*** Seq: 0xA62A658E  Ack: 0x932EACEA  Win: 0x1658  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-02:06:33.132575 72.30.104.210:57759 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xADD1D751  Ack: 0xCF01C257  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-03:00:14.224886 66.154.102.38:56318 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xD2F23D7  Ack: 0x98F8F739  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-04:36:15.439459 72.30.98.72:44810 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x17017A4E  Ack: 0x327AB45  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-04:50:46.487483 72.30.98.152:60867 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7467597F  Ack: 0x3A166FA5  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-05:02:43.833629 72.30.110.139:39323 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x460516CA  Ack: 0x668AAD4B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-05:06:00.897409 72.30.110.224:56211 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8C094E54  Ack: 0x73AE2190  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-05:40:58.070779 66.154.102.38:56472 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x6AAE93BD  Ack: 0xF6C6725D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-07:22:22.343808 72.30.97.215:33580 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x49681BFD  Ack: 0x75994B67  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-08:30:53.732820 68.142.250.76:44851 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEBBFBC17  Ack: 0x77B5BFF6  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-09:01:16.359444 72.30.97.215:59645 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBF16237A  Ack: 0xEA1F1105  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-09:22:21.908992 72.30.97.215:48719 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE965C10  Ack: 0x39CA6824  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-09:45:25.963096 207.46.98.49:50755 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x45993C82  Ack: 0x90D17586  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-09:58:30.675437 130.54.208.193:32941 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:20689 IpLen:20 DgmLen:261 DF
***AP*** Seq: 0x5C802F62  Ack: 0xA5374D7F  Win: 0x875A  TcpLen: 32
TCP Options (3) => NOP NOP TS: 9383182 327885202 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-09:58:34.853288 130.54.208.193:32941 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:394
***AP*** Seq: 0xA537CC12  Ack: 0x5C803290  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-09:58:38.235674 130.54.208.193:32941 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:289
***AP*** Seq: 0xA5380D20  Ack: 0x5C803389  Win: 0x2180  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-10:07:51.091123 72.30.97.215:35449 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB9B34B31  Ack: 0xE590E001  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-10:15:48.630246 72.30.97.215:54294 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD8DECC51  Ack: 0x37DF6B7  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-10:26:03.060853 72.30.97.215:37981 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFED03BAC  Ack: 0x2A7F05DF  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-10:37:50.781371 72.30.97.215:44256 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2B1D53AA  Ack: 0x56C3CA8E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-11:16:45.819613 72.30.97.215:54438 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBEBAB9A3  Ack: 0xE99732E2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-11:32:06.496929 130.54.208.193:33150 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:804
***AP*** Seq: 0xD45CC597  Ack: 0x23AA03AE  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-12:14:13.663675 66.249.66.39:49876 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:770
***AP*** Seq: 0xD927E35F  Ack: 0xC1EA0449  Win: 0x1658  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:23:27.148075 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:246
***AP*** Seq: 0xE3AC770C  Ack: 0x55098D15  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:23:27.600163 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:265
***AP*** Seq: 0xE3AC784B  Ack: 0x55098DF6  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:23:28.340675 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:319
***AP*** Seq: 0xE3AC79ED  Ack: 0x55098F0D  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:23:28.856951 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:253
***AP*** Seq: 0xE3AC7B21  Ack: 0x55098FE2  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:24:52.020865 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:906
***AP*** Seq: 0xE3AC8792  Ack: 0x55099344  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:24:56.400777 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:247
***AP*** Seq: 0xE3AD2663  Ack: 0x55099413  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-12:24:56.400777 130.54.208.193:45937 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:247
***AP*** Seq: 0xE3AD2663  Ack: 0x55099413  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-12:55:22.698520 72.30.98.11:36072 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2A47F574  Ack: 0x5CFD98BE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-13:09:07.319977 72.30.98.11:46953 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5D175330  Ack: 0x901CD86C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-14:47:56.075184 72.30.98.11:33169 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD2DBF26A  Ack: 0x51EC898  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-14:59:42.034085 130.54.208.193:40291 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:177
***AP*** Seq: 0xA2A0FDA3  Ack: 0x31639BA2  Win: 0x3E96  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-15:24:45.915543 130.54.208.193:40291 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1482
***AP*** Seq: 0x3163A49A  Ack: 0xA2A10399  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-15:24:49.094084 130.54.208.193:40291 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:177
***AP*** Seq: 0xA2A105C5  Ack: 0x316447A3  Win: 0x3E96  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-15:32:01.321320 72.30.98.11:47275 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7985F4B6  Ack: 0xAB957B2C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-15:36:21.685332 68.142.250.93:42934 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4724EF2B  Ack: 0xBBAFD862  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/16-16:48:51.629590 130.54.208.193:34618 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:554
***AP*** Seq: 0xCBB96C78  Ack: 0x3DB55B46  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-17:03:10.989052 68.142.250.93:49788 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8E447BC3  Ack: 0x30C4F44  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-17:50:03.270520 72.30.98.11:54768 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x82D998EF  Ack: 0xB3A80348  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-18:06:27.134175 72.30.98.11:41392 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC0B892A3  Ack: 0xF1EF6377  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-18:11:49.292401 68.142.250.93:33578 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x91B8FD56  Ack: 0x5C3EDA4  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-18:34:58.973082 72.30.98.11:34671 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2CDDF7F7  Ack: 0x5C5AC1D3  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-19:19:57.897965 68.142.250.93:37918 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x92871782  Ack: 0x6A09272  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-19:59:44.761886 72.30.98.11:51805 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6CB8E712  Ack: 0x9CB361E7  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-20:19:37.589386 72.30.98.11:43482 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB83C450D  Ack: 0xE80D98EC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-20:27:36.983449 207.46.98.49:42148 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x5FA4107E  Ack: 0x53CBF87  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-20:34:36.900924 72.30.98.11:42444 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF0A156AE  Ack: 0x20A8A303  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-20:47:20.642317 68.142.250.93:44828 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDCD0A7AE  Ack: 0x4FD5AA78  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-20:51:00.142717 65.214.44.116:45980 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0x20A6A27C  Ack: 0x5DEE48F6  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-21:15:30.233293 72.30.98.11:34844 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8A6A2C80  Ack: 0xBA7B290C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-21:57:21.672602 72.30.98.11:54306 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x286AB1CB  Ack: 0x5829D688  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-21:59:28.209317 68.142.250.93:55166 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xECB38DFE  Ack: 0x60294D5A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-22:12:27.573083 72.30.98.11:40019 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x61490CD3  Ack: 0x90FD6BD3  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/16-22:44:20.902640 72.30.98.11:42727 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD97EDE58  Ack: 0x9B9052B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/16-22:57:34.830715 192.168.24.52:1373 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:14911 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xF3A767A2  Ack: 0x3AF22E24  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/16-23:09:19.112714 192.168.24.52:1409 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15650 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xA2285725  Ack: 0x67BE54BD  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/16-23:10:06.978096 192.168.24.52:1410 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15715 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xC7BE8C  Ack: 0x6A93E157  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/16-23:10:54.569759 192.168.24.52:1412 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15770 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x624D0DF7  Ack: 0x6D0D1DB0  Win: 0xFB34  TcpLen: 20

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:37 2010

192.168.24.11	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.24.11 as an alert source [7 alerts]