SnortSnarf alert page

Destination: 192.168.24.11: #1201-1300

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 20:03:08.746848 on 10/16/2009
Latest: 05:05:05.021484 on 10/19/2009

31 different signatures are present for 192.168.24.11 as a destination

1 instances of WEB-MISC long basic authorization string
1 instances of WEB-MISC Cisco IOS HTTP configuration attempt
2 instances of SNMP private access udp
2 instances of SNMP public access udp
2 instances of WEB-MISC WebDAV search access
3 instances of WEB-MISC /etc/passwd
3 instances of ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
4 instances of MS-SQL probe response overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of SNMP request udp
4 instances of ATTACK-RESPONSES id check returned root
4 instances of (http_inspect) DOUBLE DECODING ATTACK
5 instances of WEB-PHP remote include path
5 instances of IMAP authenticate overflow attempt
6 instances of WEB-FRONTPAGE /_vti_bin/ access
9 instances of WEB-MISC apache directory disclosure attempt
9 instances of WEB-MISC Chunked-Encoding transfer attempt
13 instances of WEB-PHP test.php access
13 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
17 instances of NETBIOS SMB trans2open buffer overflow attempt
38 instances of WEB-MISC http directory traversal
42 instances of ICMP Destination Unreachable Communication Administratively Prohibited
50 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
57 instances of (http_inspect) OVERSIZE CHUNK ENCODING
85 instances of WEB-IIS view source via translate header
144 instances of WEB-MISC Invalid HTTP Version String
256 instances of IMAP status overflow attempt
347 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING
432 instances of (http_inspect) BARE BYTE UNICODE ENCODING
470 instances of IMAP fetch overflow attempt
14771 instances of WEB-MISC robots.txt access

There are 935 distinct source IPs in the alerts of the type on this page.

192.168.24.11 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.24.11 as an alert source [7 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-20:03:08.746848 74.6.65.238:34417 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE7BB5710  Ack: 0x8A540924  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-20:45:45.316848 74.6.65.238:47649 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x87AFA194  Ack: 0x2B30BB49  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-22:10:51.508398 74.6.65.238:44634 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC9EFA293  Ack: 0x6C6D2C02  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-22:34:26.554894 74.6.65.238:40919 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x22B129EF  Ack: 0xC56D733B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-22:58:00.365988 74.6.65.238:59456 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7C256481  Ack: 0x1F28DEE3  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/16-22:59:46.454305 192.168.24.52:1593 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:32632 IpLen:20 DgmLen:612 DF
***AP*** Seq: 0xF44EA8CF  Ack: 0x25DB7E77  Win: 0xFB34  TcpLen: 20

[**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**]
10/16-23:14:31.159883 192.168.24.52:1781 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1145
***AP*** Seq: 0x200E0ECA  Ack: 0x5D8BD064  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/16-23:45:31.381987 74.6.65.238:39865 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2EB1E169  Ack: 0xD223AC50  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-00:22:26.982545 74.6.65.238:58890 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB9A60416  Ack: 0x5D9E9B6E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-02:17:20.870312 74.6.65.238:53601 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6C28B895  Ack: 0xF8CA0BE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-02:45:09.435417 74.6.65.238:49003 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD5C26276  Ack: 0x78026455  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-03:08:48.714060 74.6.65.238:46640 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2F15CC35  Ack: 0xD1BD2F37  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-04:41:59.472570 74.6.65.238:41819 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8E828895  Ack: 0x31E881DC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-05:07:52.830148 74.6.65.238:35640 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF1429A4C  Ack: 0x944693FA  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-05:37:50.210998 74.6.65.238:38819 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x620E4CC3  Ack: 0x4C70B28  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-06:33:02.795849 74.6.65.238:49779 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x31FDC120  Ack: 0xD56B30EA  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-06:56:20.184879 74.6.65.238:36652 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x89873E14  Ack: 0x2DB2AAEE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-07:14:29.910332 193.47.80.36:56881 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:239
***AP*** Seq: 0x8E94472E  Ack: 0x71FDFD8F  Win: 0x44  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-07:58:07.165612 74.6.65.238:60909 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x74221A4B  Ack: 0x16B9879B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-08:56:29.350199 74.6.65.238:58923 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4F029327  Ack: 0xF33E8145  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-09:39:50.971794 74.6.65.238:50572 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF3926316  Ack: 0x963B4623  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-10:02:28.348988 74.6.65.238:39737 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x495D8465  Ack: 0xECAC4899  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-11:10:17.733209 74.6.65.238:57721 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x48FC7510  Ack: 0xEB89E681  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-12:36:09.034064 74.6.65.238:48855 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8D00D5F3  Ack: 0x312BB0C1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-13:11:28.707985 65.214.44.190:39416 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:263
***AP*** Seq: 0xBEDA5634  Ack: 0xB5FD7AFC  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-13:32:36.906065 74.6.65.238:49796 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x634C8713  Ack: 0x631FBE6  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-14:11:15.360743 74.6.65.238:41226 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF444E5D7  Ack: 0x987294B0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-15:04:19.310727 74.6.65.238:43520 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBD5DA12B  Ack: 0x60553939  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-15:33:18.294319 74.6.65.238:53818 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2A534C3B  Ack: 0xCDBEC762  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-15:41:41.049985 202.239.240.2:56606 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:791
***AP*** Seq: 0x38B3CEDD  Ack: 0xEDC9B3E0  Win: 0xA71C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-16:45:29.914733 74.6.65.238:60471 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3AE87751  Ack: 0xDD8032F0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-17:14:48.589140 74.6.65.238:53575 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA95CFAC4  Ack: 0x4C157649  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-18:14:01.685096 74.6.65.238:44807 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x89422414  Ack: 0x2BEB2A66  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-19:23:17.556108 74.6.65.238:60915 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8F1453F5  Ack: 0x31D5ACC9  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-20:28:19.259887 74.6.65.238:35355 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x84855653  Ack: 0x2817F605  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-21:15:38.100679 74.6.65.238:48844 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x372E87E0  Ack: 0xD99A8F75  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-21:52:53.457604 74.6.65.238:37554 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC47065DC  Ack: 0x66F35AB1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-21:55:46.775274 207.46.98.49:7010 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x6A56E77  Ack: 0x714A8586  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**]
10/17-22:47:36.877583 192.168.24.52:1188 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2530
***AP*** Seq: 0x352690C2  Ack: 0x502680C4  Win: 0x608  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/17-22:48:25.745146 74.6.65.238:49118 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x95D7FAD2  Ack: 0x38B0C5A3  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-00:17:59.532965 74.6.65.238:49503 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE835790C  Ack: 0x8AA672C6  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-00:54:39.652657 74.6.65.238:58099 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x72779B13  Ack: 0x14DD032B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-02:20:08.197685 74.6.65.238:54644 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB521425F  Ack: 0x57DEEBA2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-03:41:02.395648 74.6.65.238:37214 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE5BAB7D9  Ack: 0x89086055  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-04:41:02.690229 74.6.65.238:56307 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC9197405  Ack: 0x6BB76747  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-04:54:25.065140 74.6.65.238:57632 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFBEC8EFE  Ack: 0x9E3EFD72  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-05:20:11.004432 74.6.65.238:37132 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5D29915D  Ack: 0xFFE85ADB  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-06:03:00.855970 74.6.65.238:52287 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFEBBB71E  Ack: 0xA1E02836  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-06:59:34.630343 74.6.65.238:45502 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD4A35DA0  Ack: 0x77580DC3  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-08:08:13.314837 72.30.215.81:51851 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA58A4E93  Ack: 0x7AA85F18  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-08:29:04.155478 74.6.65.238:36661 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x25B75AD8  Ack: 0xC99F42C2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-08:54:03.308566 74.6.65.238:35078 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x84A7AD7E  Ack: 0x2725F2B1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-10:24:16.389488 207.46.98.47:20568 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x4E64DC8A  Ack: 0x7C12585D  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-10:26:24.208737 74.6.65.238:35151 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE06EB99A  Ack: 0x84B6687D  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-11:02:49.581780 74.6.65.238:34362 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6B226F10  Ack: 0xE7AAA62  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-13:08:17.163319 74.6.65.238:59905 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x44CC9CF0  Ack: 0xE8214C0C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/18-13:19:55.157324 202.246.252.97:33237 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1148
***AP*** Seq: 0x462D6ECB  Ack: 0x1352EEE5  Win: 0x1EA8  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/18-13:19:56.250238 202.246.252.97:40992 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:638
***AP*** Seq: 0x4ADCD4DC  Ack: 0x12F5900D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-14:12:13.491881 74.6.65.238:41324 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x35F61E75  Ack: 0xD9222EDC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-14:52:51.512748 74.6.65.238:46015 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCFAFAD23  Ack: 0x72D66660  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-16:18:40.216664 207.46.98.47:21276 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xFFFAAAF2  Ack: 0xB7014C25  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-16:33:58.340130 74.6.65.238:41272 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4D3A8D33  Ack: 0xF0AF17CE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-16:59:44.815044 74.6.65.238:40032 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAE5BCA42  Ack: 0x5207995F  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/18-17:46:56.024131 195.150.76.184:51652 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:553
***AP*** Seq: 0x35C5C93D  Ack: 0x3EFD967  Win: 0xFAF0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/18-17:47:48.202305 195.150.76.184:51673 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:349
***AP*** Seq: 0x3675A719  Ack: 0x79BB42E  Win: 0x81F0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-18:30:54.776926 74.6.65.238:37929 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6774E96  Ack: 0xA981FEDE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-19:51:30.349898 74.6.65.238:54861 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x372C62CB  Ack: 0xDAB509E9  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-20:32:15.993579 74.6.65.238:34370 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD16A8FC4  Ack: 0x74FD319B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-22:41:05.736287 74.6.65.238:34011 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB6F59E03  Ack: 0x5A3299E2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:14:35.010242 192.168.24.52:1951 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:35206 IpLen:20 DgmLen:965 DF
***AP*** Seq: 0xE41AD19F  Ack: 0xD98E2BB9  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:27:41.521292 192.168.24.52:2010 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37020 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xFEE027FA  Ack: 0xB73DB6A  Win: 0xFB34  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
10/18-23:27:41.521415 192.168.24.52:2010 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37021 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xFEE02D70  Ack: 0xB73DB6A  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:28:11.395855 192.168.24.52:2011 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37057 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x371A40BD  Ack: 0xC4B6120  Win: 0xFB34  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
10/18-23:28:11.395977 192.168.24.52:2011 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37058 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x371A4633  Ack: 0xC4B6120  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:28:44.968284 192.168.24.52:2012 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37092 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x726D4354  Ack: 0xE77980F  Win: 0xFB34  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
10/18-23:28:44.968401 192.168.24.52:2012 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37093 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x726D48CA  Ack: 0xE77980F  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:29:14.548576 192.168.24.52:2013 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37174 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x810BB3B4  Ack: 0x1048ABC9  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:30:51.271573 192.168.24.52:2015 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37389 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xB12FA695  Ack: 0x16672A3C  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:31:30.522413 192.168.24.52:2016 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37450 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x97E82D1D  Ack: 0x19A063E4  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:31:58.868823 192.168.24.52:2018 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37537 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xCB7AEBC6  Ack: 0x1B0354E6  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/18-23:32:47.424732 74.6.65.238:36004 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7B6D5B0C  Ack: 0x1E60F403  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:33:26.645185 192.168.24.52:2020 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37681 IpLen:20 DgmLen:104 DF
***AP*** Seq: 0xEFA4C0F8  Ack: 0x2010F335  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:35:44.981261 192.168.24.52:2021 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38006 IpLen:20 DgmLen:146 DF
***AP*** Seq: 0xC673FB8D  Ack: 0x28534F24  Win: 0xFB34  TcpLen: 20

[**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**]
10/18-23:38:27.067996 192.168.24.52:2023 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:7543
***AP*** Seq: 0x81DAB22A  Ack: 0x331D2F78  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:40:51.226682 192.168.24.52:2024 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38554 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xA631A42A  Ack: 0x3BBAC7BE  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:41:47.180226 192.168.24.52:2026 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38609 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xEF398F4D  Ack: 0x3FE9B476  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:43:17.507293 192.168.24.52:2032 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38703 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x9C7DF1EA  Ack: 0x45DA9553  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:43:43.704481 192.168.24.52:2033 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38745 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x2AE1A7C8  Ack: 0x471BE792  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:45:34.146271 192.168.24.52:2035 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:38807 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x67EE161C  Ack: 0x4E3D229E  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:49:05.502397 192.168.24.52:2039 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:39037 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x4B125CED  Ack: 0x5B24A90A  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/18-23:50:02.941423 192.168.24.52:2041 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:39136 IpLen:20 DgmLen:178 DF
***AP*** Seq: 0x2B5EBDB1  Ack: 0x5EE59B42  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/19-01:40:51.179204 136.187.19.99:13119 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:185
***AP*** Seq: 0x2E4810F  Ack: 0x168B05A  Win: 0x207C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/19-01:41:32.984667 195.150.76.184:51585 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:553
***AP*** Seq: 0xD5081F03  Ack: 0x506F0D6  Win: 0xF9AB  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
10/19-01:41:49.309996 195.150.76.184:51605 -> 192.168.24.11:80
TCP TTL:38 TOS:0x0 ID:2301 IpLen:20 DgmLen:376
***AP*** Seq: 0xD5621CE5  Ack: 0x544AFCD  Win: 0xFAF0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 50808 373810805

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/19-01:45:33.550472 136.187.19.99:15879 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:4036
***AP*** Seq: 0x13EE68C2  Ack: 0x131076AB  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:2570:7] WEB-MISC Invalid HTTP Version String [**]
[Classification: Detection of a non-standard protocol or event] [Priority: 2] 
10/19-01:49:15.819470 195.150.76.184:51909 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:359
***AP*** Seq: 0xDCA71331  Ack: 0x212A2D55  Win: 0xFAF0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=11593][Xref => http://www.securityfocus.com/bid/9809]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/19-02:06:05.946385 74.6.65.236:37775 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2B5BE5DA  Ack: 0x60C3B89C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/19-03:26:57.160253 74.6.65.236:33524 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5CC04B2E  Ack: 0x92A92315  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/19-04:27:36.485330 74.6.65.236:52589 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x41AA6C77  Ack: 0x77B37ACC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
10/19-05:05:05.021484 74.6.65.236:54732 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCFC1AE3A  Ack: 0x502D646  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:33 2010

192.168.24.11	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.24.11 as an alert source [7 alerts]