SnortSnarf alert page

Destination: 192.168.24.11: #8001-8100

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 15:47:53.002956 on 04/22/2010
Latest: 07:32:46.365304 on 04/24/2010

31 different signatures are present for 192.168.24.11 as a destination

1 instances of WEB-MISC long basic authorization string
1 instances of WEB-MISC Cisco IOS HTTP configuration attempt
2 instances of SNMP private access udp
2 instances of SNMP public access udp
2 instances of WEB-MISC WebDAV search access
3 instances of WEB-MISC /etc/passwd
3 instances of ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
4 instances of MS-SQL probe response overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of SNMP request udp
4 instances of ATTACK-RESPONSES id check returned root
4 instances of (http_inspect) DOUBLE DECODING ATTACK
5 instances of WEB-PHP remote include path
5 instances of IMAP authenticate overflow attempt
6 instances of WEB-FRONTPAGE /_vti_bin/ access
9 instances of WEB-MISC apache directory disclosure attempt
9 instances of WEB-MISC Chunked-Encoding transfer attempt
13 instances of WEB-PHP test.php access
13 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
17 instances of NETBIOS SMB trans2open buffer overflow attempt
38 instances of WEB-MISC http directory traversal
42 instances of ICMP Destination Unreachable Communication Administratively Prohibited
50 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
57 instances of (http_inspect) OVERSIZE CHUNK ENCODING
85 instances of WEB-IIS view source via translate header
144 instances of WEB-MISC Invalid HTTP Version String
256 instances of IMAP status overflow attempt
347 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING
432 instances of (http_inspect) BARE BYTE UNICODE ENCODING
470 instances of IMAP fetch overflow attempt
14771 instances of WEB-MISC robots.txt access

There are 935 distinct source IPs in the alerts of the type on this page.

192.168.24.11 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.24.11 as an alert source [7 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-15:47:53.002956 68.142.250.35:49451 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCE45A040  Ack: 0xE3F99F2A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-16:18:37.915130 68.142.250.35:59204 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x41B5B283  Ack: 0x5862A9F1  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1042:8] WEB-IIS view source via translate header [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-16:30:55.347195 203.211.169.1:3423 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:190
***AP*** Seq: 0x14A4A996  Ack: 0x85D2A014  Win: 0xFE14  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/1578][Xref => http://www.whitehats.com/info/IDS305]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-16:58:42.362135 68.142.250.35:33390 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xD976FFBE  Ack: 0xEEA5DA3D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-17:54:30.078980 72.30.98.10:47082 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x12DD321B  Ack: 0xC0A6C46D  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-17:59:36.662209 68.142.250.35:59683 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBF3459E8  Ack: 0xD44889D9  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-18:34:07.502807 68.142.250.35:39061 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x41E21A03  Ack: 0x564D0611  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/22-19:57:13.408799 130.54.208.193:33004 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:353
***AP*** Seq: 0x8F473E62  Ack: 0xA9B32DA  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/22-19:57:18.468028 130.54.208.193:33004 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:343
***AP*** Seq: 0x8F47B53C  Ack: 0xA9B3409  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-20:02:09.412892 68.142.250.35:32847 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8D028FA5  Ack: 0xA1D350AE  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-21:41:04.914468 68.142.250.35:33179 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x370891F  Ack: 0x17044EDB  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-22:01:42.678931 72.30.98.10:57861 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB83CDA76  Ack: 0x6487EB9D  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-22:33:52.548951 68.142.250.35:53258 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCACC0192  Ack: 0xDEAFECB0  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
04/22-22:59:52.317606 192.168.24.52:1181 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:7537 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xA9F9E5F5  Ack: 0x40BD39FF  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
04/22-23:33:59.533559 192.168.24.52:1355 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12437 IpLen:20 DgmLen:391 DF
***AP*** Seq: 0x74056ED5  Ack: 0xC0A6D158  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
04/22-23:38:56.248070 192.168.24.52:1366 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12657 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0xF6E2F015  Ack: 0xD37FE75A  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
04/22-23:39:32.600270 192.168.24.52:1367 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12695 IpLen:20 DgmLen:246 DF
***AP*** Seq: 0x16354131  Ack: 0xD4E23EAB  Win: 0xFA96  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
04/22-23:43:30.631896 192.168.24.52:1390 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:13227 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x982FE671  Ack: 0xE471F45D  Win: 0xFB34  TcpLen: 20

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/22-23:55:13.260602 68.142.250.35:56264 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFE40237B  Ack: 0x111B4864  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-01:09:55.605414 68.142.250.35:37149 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x18392E8E  Ack: 0x2ABACEF3  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-02:17:04.476294 72.30.103.35:52321 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x57D77F2D  Ack: 0x27DD62F6  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-02:18:27.245447 72.30.98.10:47689 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x80A8E5BF  Ack: 0x2D2F966F  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-02:20:04.145737 68.142.250.35:57989 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2064239C  Ack: 0x3326ACEA  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-02:58:08.975931 65.214.44.135:40523 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0x56B88A7F  Ack: 0xC2F40970  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-03:22:41.161207 72.30.98.10:36030 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x73A89786  Ack: 0x1FA19745  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-03:41:28.982940 68.142.250.35:45391 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x545C953F  Ack: 0x66137BF1  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-04:18:30.518611 72.30.103.35:34456 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x223D025A  Ack: 0xF105C47B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-04:45:51.092493 72.30.98.10:57032 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAE48D42A  Ack: 0x59423B56  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-04:48:47.351958 68.142.250.35:44732 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x51C4FE8A  Ack: 0x639562AD  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-06:01:29.247117 68.142.250.35:34032 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x651EB5E7  Ack: 0x7619BFA8  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-06:45:44.892196 72.30.98.10:38556 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x73219DB9  Ack: 0x1C834BE2  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-06:52:16.566122 68.142.250.35:58573 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2499084D  Ack: 0x35912B73  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-07:01:34.073427 66.196.91.169:40407 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFEAA0B13  Ack: 0x58EACF2A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-08:00:20.318245 68.142.250.35:60818 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x25B35323  Ack: 0x36BA5DF8  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-09:07:32.084679 68.142.250.35:55377 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2298750A  Ack: 0x34595653  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-09:38:13.346394 72.30.98.10:47014 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFDC30A8F  Ack: 0xA7F18A36  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-10:15:26.513756 68.142.250.35:49342 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2303C37F  Ack: 0x33787136  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-10:56:19.719619 68.142.250.35:37969 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBE203C03  Ack: 0xCE72DF38  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-11:14:53.427126 72.30.98.10:37888 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6B0F79A9  Ack: 0x13482E56  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-11:58:32.867728 68.142.250.35:43551 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA83B0A88  Ack: 0xB8ABD611  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-12:23:04.901960 72.30.98.10:57385 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6C7CA034  Ack: 0x1582726A  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-13:25:44.744521 68.142.250.35:43004 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF1A6280F  Ack: 0x1A8EABD  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-14:15:23.258278 72.30.98.10:48973 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x153E6782  Ack: 0xBC7BB242  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-14:18:19.612552 68.142.250.35:36363 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB8809173  Ack: 0xC7DF219B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-15:05:13.459921 65.214.44.135:49342 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0xED75067  Ack: 0x77BAC05E  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-15:20:31.484502 72.30.98.10:40842 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA830538  Ack: 0xB19E5C32  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-15:37:42.541425 66.249.65.211:39453 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1334
***AP*** Seq: 0xF1C75B9F  Ack: 0x49D1F1F0  Win: 0x29E0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-16:13:31.698325 68.142.250.35:47957 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6BEBC266  Ack: 0x791C8C7B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-17:16:50.156909 68.142.250.35:51539 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x598E7EE4  Ack: 0x68E9CC10  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-18:16:27.852377 72.30.98.10:45625 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA379AB76  Ack: 0x48DCAC01  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-18:25:51.800080 68.142.250.35:39917 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5E7A27E7  Ack: 0x6CC706F4  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-18:51:56.349548 72.30.103.35:51518 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4971A91  Ack: 0xCF5D0240  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1844:9] IMAP authenticate overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:44.344773 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:241
***AP*** Seq: 0x683EFBAF  Ack: 0xA302A34C  Win: 0x16A0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10292][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0042]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:44.344773 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:241
***AP*** Seq: 0x683EFBAF  Ack: 0xA302A34C  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:45.496174 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:182
***AP*** Seq: 0x683EFC7E  Ack: 0xA302A3DA  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:47.535495 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:263
***AP*** Seq: 0x683EFDC2  Ack: 0xA302A4B9  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:50.586579 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x683EFF5D  Ack: 0xA302A5CE  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:53.499161 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:394
***AP*** Seq: 0x683F015F  Ack: 0xA302A730  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:32:55.108946 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:249
***AP*** Seq: 0x683F029E  Ack: 0xA302A801  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:34:06.820864 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:183
***AP*** Seq: 0x683F04EC  Ack: 0xA302A890  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:34:09.193160 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:333
***AP*** Seq: 0x683F0F64  Ack: 0xA302A9B5  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:34:21.046735 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:188
***AP*** Seq: 0x683F6548  Ack: 0xA302AA49  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:34:32.081008 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:285
***AP*** Seq: 0x6840023C  Ack: 0xA302AB3E  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:34:32.081008 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:285
***AP*** Seq: 0x6840023C  Ack: 0xA302AB3E  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:35:44.221129 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:353
***AP*** Seq: 0x684004AC  Ack: 0xA302AC77  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-19:35:54.399379 203.180.88.108:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:219
***AP*** Seq: 0x6840272D  Ack: 0xA302ADB9  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-19:45:02.283591 68.142.250.35:58728 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8A0190CC  Ack: 0x968DD35E  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-20:20:18.073552 72.30.98.10:54358 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7738D122  Ack: 0x1C640DBF  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-20:44:11.273500 68.142.250.35:32924 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6927E820  Ack: 0x7693B2BC  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-21:52:48.882302 68.142.250.35:52917 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6C24C326  Ack: 0x78A49421  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-21:58:52.674218 213.180.128.151:57163 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:376
***AP*** Seq: 0x4E2A9BD6  Ack: 0x8FFC53C0  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-22:00:58.699477 207.46.98.49:63372 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x6AC7D86C  Ack: 0x9812ABDF  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/23-22:47:06.253414 203.180.88.108:32926 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:356
***AP*** Seq: 0x5E97737C  Ack: 0x3D3ED39B  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-22:50:32.600324 72.30.103.35:43928 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x89B509CF  Ack: 0x52686281  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-23:09:01.883844 68.142.250.35:59612 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8CA75E1C  Ack: 0x988DE570  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/23-23:32:40.407978 72.30.98.10:42529 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4D3F0018  Ack: 0xF0881C26  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-00:20:02.540875 68.142.250.35:58388 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x98AA163F  Ack: 0xA4B0EC6D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-00:35:59.340789 72.30.98.10:37985 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3C221F3B  Ack: 0xDFFC4E41  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-00:38:43.548793 207.46.98.51:43580 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xCE445609  Ack: 0xEA349D9D  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-01:23:58.861616 68.142.250.35:58544 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8A741853  Ack: 0x94FB4A6D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-02:51:46.478340 72.30.98.10:33704 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3CCC43E8  Ack: 0xE03365AD  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-02:52:20.570823 72.30.103.35:59329 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1B1E8738  Ack: 0xE1EA3565  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-02:59:21.941298 68.142.250.35:51247 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF298E870  Ack: 0xFD0DFDA0  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:03:33.349026 207.46.98.50:10613 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xFA7F140F  Ack: 0xBDE362A  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:11:13.761012 65.214.44.135:54325 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:259
***AP*** Seq: 0xC4AADF5D  Ack: 0x291A0539  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:24:27.633509 24.21.85.59:60436 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:874
***AP*** Seq: 0xE27EA0C7  Ack: 0x5C260C02  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:42:55.388082 207.46.98.49:27796 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xDBF0B1D0  Ack: 0xA10560C7  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:43:39.431257 68.142.250.35:52577 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x98E2ACF4  Ack: 0xA3B2DB42  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-03:51:50.384234 72.30.98.10:40775 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1F68FEAD  Ack: 0xC2AE8D4A  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-04:39:00.454589 68.142.250.35:33849 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x696C2974  Ack: 0x74FB4819  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-05:00:35.457899 207.46.98.50:19294 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0xA04CAA9D  Ack: 0xC547B105  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-05:13:00.451474 68.142.250.35:43115 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEA1D592A  Ack: 0xF4A41D80  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-05:46:49.804881 81.168.215.32:52289 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:464
***AP*** Seq: 0x577FC45D  Ack: 0x748DDC7D  Win: 0x5B4  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-06:00:01.955132 68.142.250.35:46199 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9C88FAF5  Ack: 0xA6A2956D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-06:41:03.530483 72.30.98.10:43614 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9EC1129A  Ack: 0x411EB512  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-07:22:17.375188 220.104.142.145:55476 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:199
***AP*** Seq: 0xD693609F  Ack: 0xDC5BC541  Win: 0x888  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
04/24-07:28:22.448488 68.142.250.35:56276 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE9B9B5F9  Ack: 0xF3AC3619  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/24-07:32:42.299412 203.180.17.80:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:246
***AP*** Seq: 0x36109B2  Ack: 0xB225DE9A  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/24-07:32:44.158273 203.180.17.80:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:265
***AP*** Seq: 0x3610AF1  Ack: 0xB225DF7B  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
04/24-07:32:46.365304 203.180.17.80:32771 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:251
***AP*** Seq: 0x3610C28  Ack: 0xB225E04E  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:36 2010

192.168.24.11	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.24.11 as an alert source [7 alerts]