SnortSnarf alert page

Destination: 192.168.24.11: #9901-10000

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 21:04:39.302091 on 05/14/2010
Latest: 16:31:10.336267 on 05/15/2010

31 different signatures are present for 192.168.24.11 as a destination

1 instances of WEB-MISC long basic authorization string
1 instances of WEB-MISC Cisco IOS HTTP configuration attempt
2 instances of SNMP private access udp
2 instances of SNMP public access udp
2 instances of WEB-MISC WebDAV search access
3 instances of WEB-MISC /etc/passwd
3 instances of ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
4 instances of MS-SQL probe response overflow attempt
4 instances of WEB-MISC cross site scripting attempt
4 instances of SNMP request udp
4 instances of ATTACK-RESPONSES id check returned root
4 instances of (http_inspect) DOUBLE DECODING ATTACK
5 instances of WEB-PHP remote include path
5 instances of IMAP authenticate overflow attempt
6 instances of WEB-FRONTPAGE /_vti_bin/ access
9 instances of WEB-MISC apache directory disclosure attempt
9 instances of WEB-MISC Chunked-Encoding transfer attempt
13 instances of WEB-PHP test.php access
13 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
17 instances of NETBIOS SMB trans2open buffer overflow attempt
38 instances of WEB-MISC http directory traversal
42 instances of ICMP Destination Unreachable Communication Administratively Prohibited
50 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
57 instances of (http_inspect) OVERSIZE CHUNK ENCODING
85 instances of WEB-IIS view source via translate header
144 instances of WEB-MISC Invalid HTTP Version String
256 instances of IMAP status overflow attempt
347 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING
432 instances of (http_inspect) BARE BYTE UNICODE ENCODING
470 instances of IMAP fetch overflow attempt
14771 instances of WEB-MISC robots.txt access

There are 935 distinct source IPs in the alerts of the type on this page.

192.168.24.11 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

See also 192.168.24.11 as an alert source [7 alerts]

Go to: previous range, next range, all alerts, overview page

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-21:04:39.302091 72.30.98.160:37484 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2C52EDA2  Ack: 0x27541524  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-21:21:47.673297 66.154.102.38:41555 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xD2F83F77  Ack: 0x6777340A  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-21:41:17.016301 68.142.250.28:57259 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x82CB20CB  Ack: 0xB14ECEAF  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-21:44:13.199710 207.46.98.49:12909 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x7F992260  Ack: 0xBC0FCB02  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-22:15:44.724804 72.30.103.225:35267 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x385012CF  Ack: 0x3281EE17  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-22:26:53.544758 66.154.102.38:45132 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xC804C2BB  Ack: 0x5D2E9813  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-22:37:37.141853 72.30.98.147:44024 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x49DC0F4B  Ack: 0x85A05809  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-22:50:38.578227 72.30.216.25:34391 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB977BCAC  Ack: 0xB65304D4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-22:54:35.521198 66.154.102.38:42711 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x31B53369  Ack: 0xC586A0B2  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-23:03:46.138245 72.30.132.219:33484 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x628D15C4  Ack: 0xE7F1FCEC  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-23:04:54.581754 66.154.102.38:52462 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x58B34DAD  Ack: 0xEC347A38  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1042:8] WEB-IIS view source via translate header [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-23:26:39.548673 203.211.161.245:4531 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:190
***AP*** Seq: 0xE56EA2E2  Ack: 0x3DC6AA50  Win: 0xFE14  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/1578][Xref => http://www.whitehats.com/info/IDS305]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-23:43:55.764267 72.30.110.224:59862 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8D12B8B0  Ack: 0x7E8A8455  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/14-23:47:18.672765 207.46.98.50:20860 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x2DFEF9D4  Ack: 0x8B944488  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:17:05.625898 66.154.102.38:36222 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x68895307  Ack: 0xFC13D54E  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:26:08.792694 66.154.102.38:44220 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x8AEE3A6C  Ack: 0x1F3BEB01  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:30:05.116006 68.142.250.28:50536 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFF8DC98E  Ack: 0x2CAAFF64  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:31:00.816887 72.30.110.224:59935 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3F361EF8  Ack: 0x30EC6433  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:48:50.570214 66.154.102.38:35923 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xE12A7E31  Ack: 0x73F4363B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-00:52:02.930825 72.30.110.224:37698 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8EBA0794  Ack: 0x800DF58B  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-01:22:00.170971 72.30.110.224:38824 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFF7DDC26  Ack: 0xF1BC3156  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-01:38:04.223552 72.30.110.224:54055 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3BCC4FF7  Ack: 0x2E680D2F  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-01:54:19.091072 66.154.102.38:40279 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xD8B1F658  Ack: 0x6AD333BC  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-01:57:14.989662 68.142.250.28:45791 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x49531A15  Ack: 0x757FCF4B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-02:10:58.303215 66.154.102.38:55871 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x174092BD  Ack: 0xA9876319  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-02:30:13.664302 66.154.102.38:45743 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x5F9088DD  Ack: 0xF24740B7  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-02:38:48.567307 66.154.102.38:53768 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x8118B8BB  Ack: 0x12016266  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-02:49:52.664124 66.154.102.38:35586 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xA9CEB995  Ack: 0x3CD6EDB7  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-02:52:29.261327 72.30.111.87:37000 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF7FCE2A6  Ack: 0x45C597CB  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-03:07:42.181209 68.142.250.28:37377 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x53E2687F  Ack: 0x7F91DA56  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-03:10:59.965604 72.30.110.224:47654 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9B5874F1  Ack: 0x8C398BA6  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-03:34:45.779938 72.30.110.224:34470 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF414A761  Ack: 0xE58388F4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-04:11:19.883278 72.30.110.96:38304 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4ADA0894  Ack: 0x6F026749  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-04:17:05.527649 68.142.250.28:56115 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x591540D0  Ack: 0x84B56589  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-04:26:14.507769 72.30.132.219:58538 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x24468C11  Ack: 0xA7DA89CB  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-05:48:44.926326 72.30.111.148:37770 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x86B5A3F2  Ack: 0xDEF24B8C  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-05:56:51.955470 72.30.101.225:34813 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x211DFAC5  Ack: 0xFD7F88CD  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-06:00:18.671929 66.154.102.38:39837 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x787C74C6  Ack: 0xAB2A46E  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-06:02:56.155560 72.30.129.116:41050 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8804AF89  Ack: 0x142D0838  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-06:11:26.616124 68.142.250.28:37473 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8ECCF63  Ack: 0x34D9BD2B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-06:14:20.268836 66.154.102.38:52105 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xAC4DB1A6  Ack: 0x3EAEAF38  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-06:39:49.359725 72.30.216.25:45361 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA5443029  Ack: 0x9EF22B70  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-07:12:25.207917 68.142.250.28:44161 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xEEAE3B60  Ack: 0x1AB3BEE1  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-07:14:32.347043 66.154.102.38:50290 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x9004237A  Ack: 0x22074B77  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:02:47.443318 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:47 TOS:0x0 ID:58388 IpLen:20 DgmLen:266 DF
***AP*** Seq: 0x78F0D63F  Ack: 0xBEFC8553  Win: 0x7C86  TcpLen: 32
TCP Options (3) => NOP NOP TS: 49060 318550644 
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:02:54.159335 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:209
***AP*** Seq: 0xBEFDB9C4  Ack: 0x78F0D84F  Win: 0x29E0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:02:58.236940 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:191
***AP*** Seq: 0xBEFE307C  Ack: 0x78F0D8E6  Win: 0x29E0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:02:58.867006 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:348
***AP*** Seq: 0xBEFE807E  Ack: 0x78F0DA1A  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:14.867349 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:320
***AP*** Seq: 0xBEFE8A16  Ack: 0x78F0DB32  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:15.457930 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBEFF5EF1  Ack: 0x78F0DBDA  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:16.158221 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBEFFE106  Ack: 0x78F0DC82  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:17.178792 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:250
***AP*** Seq: 0xBF01EDCF  Ack: 0x78F0DD54  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:17.918119 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF031E1D  Ack: 0x78F0DDFC  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:18.828102 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF03F75F  Ack: 0x78F0DEA4  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:19.566613 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF05126E  Ack: 0x78F0DF4C  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:20.188790 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF05C3B8  Ack: 0x78F0DFF4  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:20.926557 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF06BA1A  Ack: 0x78F0E09C  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:21.437860 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:208
***AP*** Seq: 0xBF07152F  Ack: 0x78F0E144  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-08:03:23.037028 130.54.208.193:32772 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:280
***AP*** Seq: 0xBF080358  Ack: 0x78F0E234  Win: 0x2E10  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-08:08:22.905372 207.46.98.49:37509 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x2EA9040  Ack: 0xED6D1F61  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-08:47:44.947468 68.142.250.28:51310 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x56CA2650  Ack: 0x82115EFD  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-09:03:50.470735 72.30.132.200:39467 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE04C2ABC  Ack: 0xBE315228  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-09:05:19.211232 66.154.102.38:33279 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x32A7A70E  Ack: 0xC4F5A356  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:08.855497 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:268
***AP*** Seq: 0xED1B58C5  Ack: 0x9FB5B1AB  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:13.836229 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1449
***AP*** Seq: 0xED1B625D  Ack: 0x9FB5B72C  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:13.836229 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1449
***AP*** Seq: 0xED1B625D  Ack: 0x9FB5B72C  Win: 0x16A0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:14.325523 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:358
***AP*** Seq: 0xED1B7AC8  Ack: 0x9FB5B86A  Win: 0x1920  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3072:1] IMAP status overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:18.166822 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:458
***AP*** Seq: 0xED1B834A  Ack: 0x9FB5BA0C  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:18.166822 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:458
***AP*** Seq: 0xED1B834A  Ack: 0x9FB5BA0C  Win: 0x1D50  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:3070:1] IMAP fetch overflow attempt [**]
[Classification: Misc Attack] [Priority: 2] 
05/15-09:16:20.373366 130.54.208.193:32800 -> 192.168.24.11:143
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:237
***AP*** Seq: 0x9FB5BABD  Ack: 0xED1C239A  Win: 0x81F0  TcpLen: 20
[Xref => http://www.securityfocus.com/bid/11775]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-09:36:45.256292 72.30.132.150:48050 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5CD69CCE  Ack: 0x3B7C208A  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-09:48:31.587568 66.154.102.38:44929 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xD57CFD75  Ack: 0x66A6EDBB  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-10:11:18.346823 72.30.110.37:42705 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDF8D0541  Ack: 0xBC4F78D7  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-10:33:09.001810 68.142.250.28:40308 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE4FA04B8  Ack: 0xFECE5A6  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-10:51:22.195649 207.46.98.49:55436 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:195
***AP*** Seq: 0x4DB96CF5  Ack: 0x540DBAFE  Win: 0xFFFF  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-11:03:47.384233 72.30.98.222:52505 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x4D272DCF  Ack: 0x833B30A1  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-11:18:16.310410 72.30.104.210:36257 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x92E73580  Ack: 0xB954AC33  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-12:05:44.445050 64.124.85.213:28584 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:340
***AP*** Seq: 0xBC49065E  Ack: 0x6C606FCB  Win: 0x9  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-12:16:30.116268 66.154.102.38:57832 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x40C2E69  Ack: 0x953123E0  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-12:31:24.953625 66.154.102.38:44858 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x3C680A7F  Ack: 0xCD4F3572  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-12:54:30.264282 68.142.250.28:36760 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFB2C97CA  Ack: 0x23D0C870  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-12:56:06.989095 66.154.102.38:39689 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x9968B559  Ack: 0x29F2B49F  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:22:52.856359 66.154.102.38:37101 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xFF7F9BF6  Ack: 0x8F923D53  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:28:39.217290 72.30.104.210:36550 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8040DE59  Ack: 0xA5639874  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:41:59.962177 66.154.102.38:56545 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x471660E3  Ack: 0xD6CA9A7B  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:43:59.182300 72.30.104.210:43012 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBA2B879B  Ack: 0xDEEA0726  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:44:41.957014 68.142.250.28:38232 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB939A6CC  Ack: 0xE1BC0619  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:46:51.292549 72.30.110.224:41154 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFC4144D5  Ack: 0xE9812C71  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-13:50:57.769178 72.30.110.28:57881 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA08031A3  Ack: 0xF8C0A481  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-14:41:47.087531 72.30.110.28:55292 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x5FBA396D  Ack: 0xB87055C0  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-14:47:55.061287 68.142.212.182:43174 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:203
***AP*** Seq: 0xAD309A73  Ack: 0xCF94C665  Win: 0x81F0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-14:50:46.516556 72.30.104.210:47265 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB5D2765B  Ack: 0xDB88C8F4  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-14:53:34.995826 68.142.250.28:53678 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBC7EF1AB  Ack: 0xE53C7849  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-14:55:07.876594 66.154.102.38:44721 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0x5B81E32E  Ack: 0xEA7873FA  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-15:10:00.842348 72.30.104.210:54698 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xFEA0B548  Ack: 0x234E7213  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-15:33:20.902200 66.154.102.38:53422 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:317
***AP*** Seq: 0xEBD64DA8  Ack: 0x7B28264D  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-15:53:18.337383 72.30.104.210:49735 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA20A65C0  Ack: 0xC6467D16  Win: 0x5C  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-15:56:34.586369 68.142.250.28:56082 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAA67A629  Ack: 0xD2AE07A9  Win: 0x16D0  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

[**] [1:485:4] ICMP Destination Unreachable Communication Administratively Prohibited [**]
[Classification: Misc activity] [Priority: 3] 
05/15-16:24:45.201512 202.147.9.162 -> 192.168.24.11
ICMP TTL:247 TOS:0x0 ID:36742 IpLen:20 DgmLen:56
Type:3  Code:13  DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED,
PACKET FILTERED
** ORIGINAL DATAGRAM DUMP:
192.168.24.11:137 -> 203.212.99.60:137
UDP TTL:55 TOS:0x0 ID:0 IpLen:20 DgmLen:257 DF
Len: 229
** END OF DUMP

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2] 
05/15-16:31:10.336267 64.246.165.180:56547 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:250
***AP*** Seq: 0x1DA6C638  Ack: 0x551C5EBB  Win: 0xFE46  TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:37 2010

192.168.24.11	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade
See also 192.168.24.11 as an alert source [7 alerts]