SnortSnarf alert page

Destination: 192.168.24.11: #16001-16100

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 03:54:54.480773 on 08/21/2010
Latest: 00:02:45.992241 on 08/25/2010

31 different signatures are present for 192.168.24.11 as a destination

1 instances of WEB-MISC long basic authorization string
1 instances of WEB-MISC Cisco IOS HTTP configuration attempt
2 instances of SNMP private access udp
2 instances of SNMP public access udp
2 instances of WEB-MISC WebDAV search access
3 instances of WEB-MISC /etc/passwd
3 instances of ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
4 instances of MS-SQL probe response overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of SNMP request udp
4 instances of ATTACK-RESPONSES id check returned root
4 instances of (http_inspect) DOUBLE DECODING ATTACK
5 instances of WEB-PHP remote include path
5 instances of IMAP authenticate overflow attempt
6 instances of WEB-FRONTPAGE /_vti_bin/ access
9 instances of WEB-MISC apache directory disclosure attempt
9 instances of WEB-MISC Chunked-Encoding transfer attempt
13 instances of WEB-PHP test.php access
13 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
17 instances of NETBIOS SMB trans2open buffer overflow attempt
38 instances of WEB-MISC http directory traversal
42 instances of ICMP Destination Unreachable Communication Administratively Prohibited
50 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
57 instances of (http_inspect) OVERSIZE CHUNK ENCODING
85 instances of WEB-IIS view source via translate header
144 instances of WEB-MISC Invalid HTTP Version String
256 instances of IMAP status overflow attempt
347 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING
432 instances of (http_inspect) BARE BYTE UNICODE ENCODING
470 instances of IMAP fetch overflow attempt
14771 instances of WEB-MISC robots.txt access

There are 935 distinct source IPs in the alerts of the type on this page.

192.168.24.11 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.24.11 as an alert source [7 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-03:54:54.480773 72.30.133.144:47460 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA282DA37  Ack: 0x14318CF5  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-06:43:43.787977 72.30.133.144:37292 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x20AF1DCB  Ack: 0x91E29788  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-08:18:55.660752 72.30.133.144:37005 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x87FB31DA  Ack: 0xF91412E8  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-08:22:48.619165 217.212.224.148:43069 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:299
***AP*** Seq: 0xE1D5D81C  Ack: 0x843267B  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-09:12:11.597188 217.212.224.141:51000 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:299
***AP*** Seq: 0xF00EDDD1  Ack: 0xC206852A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-10:00:06.773934 72.30.133.144:38069 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5959971  Ack: 0x76BD9FD1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-10:27:32.293773 72.30.215.79:47296 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xACCD0319  Ack: 0xDF8D1842  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-11:17:52.467702 72.30.133.144:51189 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2B901793  Ack: 0x9D83355F  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-12:18:07.985357 217.212.224.141:56094 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:299
***AP*** Seq: 0xAE20D52D  Ack: 0x809F2992  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-12:19:42.340393 68.142.212.182:42221 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:203
***AP*** Seq: 0xA8C2873C  Ack: 0x86013FD3  Win: 0x81F0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-12:36:01.048275 217.212.224.148:35276 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:299
***AP*** Seq: 0x9E5F62CA  Ack: 0xC3CB8CB7  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-12:39:18.557881 217.212.224.147:39005 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:299
***AP*** Seq: 0x84BD75C9  Ack: 0xD0B12360  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-13:13:10.116107 65.214.44.190:47737 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0x4224105D  Ack: 0x4FFA222B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-13:15:45.369795 72.30.133.144:58638 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE88622EB  Ack: 0x593ADD12  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-14:28:14.341634 64.246.165.150:49925 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:250
***AP*** Seq: 0x62D33C83  Ack: 0x6BAE0917  Win: 0xFE32  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-15:41:18.551532 72.30.133.144:38726 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE4DC671  Ack: 0x7F757F2F  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-17:25:42.348476 72.30.133.144:38576 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x98CB8706  Ack: 0x94DF0B1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-19:11:03.513586 72.30.133.144:42351 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2652FE56  Ack: 0x97C7D638  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-20:23:17.905119 72.30.133.144:43324 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x380F768C  Ack: 0xA847D167  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-22:04:51.587898 72.30.133.144:39298 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB70BB729  Ack: 0x27F2C94E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
08/21-23:03:18.814643 192.168.24.52:1484 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:32133 IpLen:20 DgmLen:587 DF
***AP*** Seq: 0x5CA79AD4  Ack: 0x4FC2361  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/21-23:52:21.496834 72.30.133.144:47024 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4CC9488D  Ack: 0xBE8B1627  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-01:41:31.270873 72.30.216.15:57230 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x74657FE6  Ack: 0x5A065E26  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-02:49:36.941303 72.30.216.15:59027 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x750EBC0A  Ack: 0x5B812392  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-03:59:11.763791 72.30.216.15:60576 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7C6080E1  Ack: 0x624C5852  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-04:50:50.896873 207.46.98.48:39086 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x3DCBC957  Ack: 0x24F14049  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-05:53:09.385174 72.30.216.15:38853 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2AE5AF8C  Ack: 0x10DF7B0C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-06:20:26.078969 207.46.98.47:60184 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xEB80256B  Ack: 0x772052BA  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-06:35:34.464833 64.124.85.213:26932 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:332
***AP*** Seq: 0xC6DED47F  Ack: 0xB0BE5655  Win: 0x9  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-06:38:18.265265 72.30.216.15:49640 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD571A2AE  Ack: 0xBAB461CC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-07:20:02.958053 207.46.98.49:38705 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x343D5D0C  Ack: 0x5863698A  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-07:47:28.962949 72.30.216.15:42602 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDA23935F  Ack: 0xC07A1E98  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-08:50:25.919382 72.30.216.15:57134 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC88D7B9E  Ack: 0xAD30C6B2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-09:06:31.109002 65.214.44.190:38846 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0xDBE5BF98  Ack: 0xEA2BBCCC  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-10:14:15.174907 72.30.216.15:52125 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x448E8F4  Ack: 0xEA96A1BE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-10:42:31.979297 72.30.215.81:38902 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x249379D0  Ack: 0x55542A0E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-12:01:50.598375 72.30.216.15:54538 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9B726AA8  Ack: 0x7FCB3F3E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-14:17:25.655835 72.30.216.15:33999 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9B7D57D9  Ack: 0x80B2F4CB  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-16:24:49.802249 72.30.216.15:42114 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7C268060  Ack: 0x61F9975E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-17:41:38.448421 72.30.216.15:37900 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9E1D7A1A  Ack: 0x831B4DED  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-18:55:53.586430 72.30.216.15:34853 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB756AA40  Ack: 0x9BE66CF0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-20:09:28.286080 72.30.216.15:41404 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCBDED542  Ack: 0xB1E303ED  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-20:50:12.033910 207.46.98.49:33797 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x17F8710D  Ack: 0x4BE7D2E3  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-21:12:36.914559 72.30.216.15:47386 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBB3ADFA1  Ack: 0xA0A24255  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-22:15:39.339516 72.30.216.15:34705 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA925F913  Ack: 0x8E8AFFAE  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/22-22:44:49.785770 72.30.215.81:41670 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCC8E9498  Ack: 0xFC8FBD74  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
08/22-23:37:45.238499 192.168.24.52:3251 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:50413 IpLen:20 DgmLen:647 DF
***AP*** Seq: 0xE3801E94  Ack: 0xC513ADF1  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-00:40:49.855733 72.30.216.15:53613 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCDB0BD83  Ack: 0xB2FAD3AC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-01:46:37.260789 72.30.226.219:59545 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBBDB8640  Ack: 0xAB046F04  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-02:37:54.049701 74.6.74.166:35230 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF453E030  Ack: 0x6D0C0494  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-03:40:04.020802 74.6.74.166:51421 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDE6E8F9F  Ack: 0x579175DC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-04:33:27.808052 38.98.19.115:40197 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x39D594D6  Ack: 0x2199C1EB  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-05:18:06.303038 74.6.74.166:40680 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5195BC54  Ack: 0xCA45A332  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-05:45:42.832172 38.98.19.124:33861 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x49C4FD1B  Ack: 0x31E470AA  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-06:20:16.627461 38.98.19.113:49641 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0xCCC28869  Ack: 0xB42F932E  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-06:36:28.395332 38.98.19.110:35013 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0xA915668  Ack: 0xF138F31F  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-07:05:11.031144 74.6.74.166:37365 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE500D069  Ack: 0x5E386412  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-08:14:30.311216 74.6.74.166:43760 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEB0A682A  Ack: 0x63E15384  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-09:27:09.068879 65.214.44.116:56397 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0x9AF43B68  Ack: 0x759AE316  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-09:51:18.953044 74.6.74.166:34639 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x59B9C59C  Ack: 0xD11AEC93  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-10:45:02.460811 72.30.215.81:60078 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6BE98761  Ack: 0x9CC9DE02  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-12:24:04.052360 64.124.85.213:14884 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:332
***AP*** Seq: 0x298B9E17  Ack: 0x12F0C03F  Win: 0x9  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-12:31:07.469186 74.6.74.166:41689 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB49A841C  Ack: 0x2C79D7D0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-13:25:23.512788 68.142.212.182:34264 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:203
***AP*** Seq: 0xFE375E00  Ack: 0xFA0C4B41  Win: 0x81F0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-13:40:13.621595 74.6.74.166:36421 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB9F1FA00  Ack: 0x31C6FF00  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-14:44:23.247704 38.98.19.126:46790 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x3C680EA0  Ack: 0x24D5CF6A  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-14:44:57.064604 74.6.74.166:58219 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xADBB1736  Ack: 0x266CF027  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-15:06:03.564330 38.98.19.122:39415 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x8F46CDFB  Ack: 0x75CD0F5F  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-15:57:41.215466 74.6.74.166:59655 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC03F02E4  Ack: 0x390F006C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-16:24:21.550530 74.6.74.166:40203 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x24D98815  Ack: 0x9E38B3DC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-17:44:08.275332 74.6.74.166:60639 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5208395B  Ack: 0xCB11BE7C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-18:43:35.562894 74.6.74.166:59939 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x32EAAE86  Ack: 0xABFA3450  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-20:27:35.741207 74.6.74.166:60308 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBB8C59BA  Ack: 0x3537071C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-21:36:34.193897 74.6.74.166:46929 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC02122E0  Ack: 0x38DCB78B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-22:32:59.921081 205.209.170.220:3045 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:23563
***AP*** Seq: 0x78B16949  Ack: 0x275BBC8  Win: 0x4188  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-22:40:35.719591 74.6.74.166:39811 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB215A270  Ack: 0x2A28E6B2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-22:45:07.943315 72.30.215.81:54880 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBEA71E9  Ack: 0x3B450957  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/23-23:40:56.392008 74.6.74.166:59366 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x95BBD092  Ack: 0xDBE467D  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-01:30:07.310036 72.30.132.104:38645 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEB5868F7  Ack: 0xAAE45E22  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-02:33:14.827708 72.30.132.104:44188 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD92DC625  Ack: 0x992AB2A8  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-03:02:23.646366 38.98.19.109:44900 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x1F89728F  Ack: 0x7C6B346  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-03:50:11.288261 72.30.132.104:42195 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFCD55656  Ack: 0xBBB0495E  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-04:37:15.945945 38.98.19.109:47771 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:291
***AP*** Seq: 0x85967061  Ack: 0x6D3A4321  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-04:55:03.296782 72.30.132.104:37577 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF16B207F  Ack: 0xB0A537C5  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-05:00:05.871800 72.30.226.161:52706 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD6104A9A  Ack: 0xC3017EF5  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-06:49:12.836524 72.30.226.161:46435 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x728F367B  Ack: 0x5FAC7AEF  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-10:45:09.994186 72.30.215.82:36481 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAF730910  Ack: 0xDAA048C4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-10:57:18.873344 207.46.98.49:49639 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x6FAB23FB  Ack: 0x9452B69  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-12:18:46.031426 72.30.226.161:54821 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4F284007  Ack: 0x3C1F630D  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-14:03:09.692753 72.30.226.161:33530 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD9EE9E02  Ack: 0xC6C7CA04  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-15:59:04.664538 72.30.226.161:36485 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8F12616D  Ack: 0x7BE291CF  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-16:41:16.389401 72.30.226.161:53921 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2E3F8C4F  Ack: 0x1B5D4790  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-18:28:12.155623 72.30.226.161:54278 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xC2DE00D8  Ack: 0xAFF3B7B1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-19:02:09.005837 66.154.103.167:43541 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:329
***AP*** Seq: 0xC3C237DD  Ack: 0x2EB63640  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-19:49:25.424521 64.124.85.213:1506 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:332
***AP*** Seq: 0xF93158F5  Ack: 0xE265B442  Win: 0x9  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-20:54:53.640403 72.30.226.161:35887 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEC01334C  Ack: 0xD9370DFB  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-22:05:48.681825 72.30.226.161:60243 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF818886B  Ack: 0xE5482752  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
08/24-22:32:35.616122 192.168.24.52:1203 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:4472 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x3C651861  Ack: 0x4AC98E95  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/24-22:56:50.044074 72.30.226.161:40177 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB896736D  Ack: 0xA5B42A1A  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
08/25-00:02:45.992241 72.30.226.161:56021 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB20DDC3D  Ack: 0x9F717BC6  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:40 2010

192.168.24.11	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.24.11 as an alert source [7 alerts]