SnortSnarf alert page

Source: 192.168.24.52: #501-600

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

Looking using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest: 22:16:12.429392 on 05/20/2010
Latest: 23:15:50.435904 on 06/06/2010

6 different signatures are present for 192.168.24.52 as a source

1 instances of (snort_decoder) WARNING: TCP Data Offset is less than 5!
4 instances of (http_inspect) DOUBLE DECODING ATTACK
12 instances of (http_inspect) OVERSIZE CHUNK ENCODING
32 instances of (http_inspect) OVERSIZE REQUEST-URI DIRECTORY
326 instances of (http_inspect) BARE BYTE UNICODE ENCODING
328 instances of (http_inspect) IIS UNICODE CODEPOINT ENCODING

There are 1 distinct destination IPs in the alerts of the type on this page.

192.168.24.52 Whois lookup at: ARIN RIPE APNIC Geektools

DNS lookup at: Amenesi TRIUMF Princeton

More lookup links: Dshield Sam Spade

Go to: previous range, next range, all alerts, overview page

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/20-22:16:12.429392 192.168.24.52:1153 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:7618 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x3D5F4718  Ack: 0x74F2D52D  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/20-22:17:17.297022 192.168.24.52:1154 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:7730 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x1BD4486E  Ack: 0x78DF78FC  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/20-23:38:39.439670 192.168.24.52:1187 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:8395 IpLen:20 DgmLen:976 DF
***AP*** Seq: 0x1FE30037  Ack: 0xAC9695B2  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-22:53:51.841558 192.168.24.52:1209 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:5592 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xDCED0176  Ack: 0x38FAB624  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-22:54:59.464373 192.168.24.52:1214 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:5882 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x2CF1375B  Ack: 0x3C0697DC  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-22:57:40.592212 192.168.24.52:1221 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:11123 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x71DF523  Ack: 0x47C27CAC  Win: 0xFB34  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
05/21-22:57:41.493466 192.168.24.52:1221 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:11293 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x7219009  Ack: 0x47C27CAC  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:03:32.570270 192.168.24.52:1262 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:11941 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xADA1AB9  Ack: 0x5C5F4ABB  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:04:32.853816 192.168.24.52:1263 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12192 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xA844CC85  Ack: 0x603B22C3  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:09:52.241898 192.168.24.52:1273 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12544 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x166FE70B  Ack: 0x743EFEB3  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:12:22.348727 192.168.24.52:1280 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12847 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x41A49F54  Ack: 0x7E42D72B  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:16:31.049676 192.168.24.52:1287 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:13721 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x8E2937CF  Ack: 0x8D0081C2  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:20:16.120430 192.168.24.52:1319 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:14638 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xFBE5E090  Ack: 0x9B562C31  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:22:23.826753 192.168.24.52:1320 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:14895 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xDF9744BB  Ack: 0xA4664BAF  Win: 0xFB33  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
05/21-23:22:24.686216 192.168.24.52:1320 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15037 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xDF9A46B9  Ack: 0xA4664BAF  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:23:51.632526 192.168.24.52:1321 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15112 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x80C3F4BA  Ack: 0xA9DACA06  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:25:18.468531 192.168.24.52:1322 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:27293
***AP*** Seq: 0xAED26EB5  Ack: 0x746AEF92  Win: 0xBF22  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:26:08.625379 192.168.24.52:1323 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15655 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x6159219A  Ack: 0xB17C87C8  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:26:58.127909 192.168.24.52:1324 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:15951 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x4829E023  Ack: 0xB555380D  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:27:43.897413 192.168.24.52:1325 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:16313 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xE0E7C11E  Ack: 0xB8351C3C  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:28:34.022901 192.168.24.52:1326 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:16558 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x2ABBC129  Ack: 0xBBF69534  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:32:34.394623 192.168.24.52:1328 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:16828 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x588DDD7D  Ack: 0xCB1CD192  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:34:17.330222 192.168.24.52:1331 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:17080 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x237AA93F  Ack: 0xD12B8181  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:35:42.842892 192.168.24.52:1332 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:17215 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x1387800C  Ack: 0xD6383772  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:37:28.977352 192.168.24.52:1333 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:17467 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xE538103C  Ack: 0xDD68E8FB  Win: 0xFB33  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/21-23:38:12.149690 192.168.24.52:1334 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:17686 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x9C6ED485  Ack: 0xE06D5E2B  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/21-23:40:29.342129 192.168.24.52:1341 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:18055 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x4D8CF5A7  Ack: 0xE863EE49  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/21-23:44:54.730927 192.168.24.52:1384 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19127 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xF8F71E4D  Ack: 0xF8E44100  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/21-23:45:53.281597 192.168.24.52:1386 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19269 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x264E3C30  Ack: 0xFCB0BC3E  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:51:43.793182 192.168.24.52:1389 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19450 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x3CE3B385  Ack: 0x12DD7D99  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:52:49.004462 192.168.24.52:1392 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19708 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0x83DBF922  Ack: 0x17533603  Win: 0xFB33  TcpLen: 20

[**] [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY [**]
05/21-23:52:49.814578 192.168.24.52:1392 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19771 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x83DD512C  Ack: 0x17533603  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:54:02.238817 192.168.24.52:1393 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:19990 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x8559400  Ack: 0x1B8D7F96  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:55:15.419261 192.168.24.52:1398 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:20252 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x795C608E  Ack: 0x1FF87DB8  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/21-23:58:36.339251 192.168.24.52:1399 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:20565 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x35C1B863  Ack: 0x2CFE7B29  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-00:01:04.640712 192.168.24.52:1409 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:21040 IpLen:20 DgmLen:1438 DF
***AP*** Seq: 0xFBE09902  Ack: 0x35C2AA06  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-00:01:50.842204 192.168.24.52:1410 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:21240 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xC80F29FC  Ack: 0x38065505  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-00:02:20.399801 192.168.24.52:1411 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:21529 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x69A270D7  Ack: 0x3A23496C  Win: 0xFB33  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-00:03:37.000765 192.168.24.52:1412 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:21835 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x30B3CC2F  Ack: 0x3F7CB534  Win: 0xFB33  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/22-00:07:05.454257 192.168.24.52:1416 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:22052 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x9E0E6F3D  Ack: 0x4CF09363  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/22-00:10:01.924539 192.168.24.52:1421 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:22286 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x23A3FB70  Ack: 0x57EB25CF  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/22-22:14:05.789124 192.168.24.52:1154 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:3781 IpLen:20 DgmLen:1053 DF
***AP*** Seq: 0xCB242B97  Ack: 0xD8E641D8  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-23:45:54.082455 192.168.24.52:1609 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1396
***AP*** Seq: 0xE2443D06  Ack: 0x3292C4E3  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/22-23:57:43.790458 192.168.24.52:1623 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1396
***AP*** Seq: 0xA089B1C2  Ack: 0x604D69C3  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/23-00:00:37.742383 192.168.24.52:1629 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1397
***AP*** Seq: 0x662637A6  Ack: 0x6A1C679F  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/23-00:12:54.090695 192.168.24.52:1647 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1399
***AP*** Seq: 0xD7084F94  Ack: 0x999D6314  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/23-00:29:05.831449 192.168.24.52:1670 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2076
***AP*** Seq: 0x17F33E9F  Ack: 0xD5FB80E7  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/23-07:21:39.720707 192.168.24.52:1124 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1841
***AP*** Seq: 0x81F11434  Ack: 0xE92680C1  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/23-07:35:15.854249 192.168.24.52:1143 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1564
***AP*** Seq: 0x1B8BD1D  Ack: 0x1CADE22C  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/23-22:52:13.142393 192.168.24.52:2273 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:20371 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x353DB366  Ack: 0x9E5DCAEA  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/24-23:02:17.022198 192.168.24.52:1138 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:3842 IpLen:20 DgmLen:1076 DF
***AP*** Seq: 0xBAF7AD5B  Ack: 0xF9A6046C  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/25-23:30:04.853646 192.168.24.52:1143 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:2833 IpLen:20 DgmLen:1308 DF
***AP*** Seq: 0x5B85AC22  Ack: 0x97B55754  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/26-23:33:20.847478 192.168.24.52:1152 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:4594 IpLen:20 DgmLen:689 DF
***AP*** Seq: 0x88B4A316  Ack: 0xDA4034A9  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/27-22:53:44.245494 192.168.24.52:1931 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:35052 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x1F47CBD7  Ack: 0x79E1DAE0  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/28-12:13:52.701918 192.168.24.52:1205 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2008
***AP*** Seq: 0x4278CAF1  Ack: 0xAFA2AAA2  Win: 0x25B0  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/28-22:04:12.954436 192.168.24.52:1417 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1864
***AP*** Seq: 0xF4B03630  Ack: 0x3DD9A487  Win: 0x22E3  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/28-23:46:43.857390 192.168.24.52:1795 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1899
***AP*** Seq: 0x47F7F2AB  Ack: 0x7753FEAE  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/28-23:47:14.420592 192.168.24.52:1796 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1414
***AP*** Seq: 0x7271641B  Ack: 0x79D4C2B8  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/28-23:47:14.840042 192.168.24.52:1797 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1211
***AP*** Seq: 0x501B254A  Ack: 0x79BFB610  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/28-23:52:14.965460 192.168.24.52:1805 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:60174 IpLen:20 DgmLen:348 DF
***AP*** Seq: 0x2B9C57C  Ack: 0x8C4AF5B4  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/29-22:31:44.653185 192.168.24.52:1087 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:2527 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x328FD394  Ack: 0x928573F1  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/30-07:02:10.085083 192.168.24.52:1133 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1219
***AP*** Seq: 0xD9D8E41F  Ack: 0x17477CCF  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/30-07:05:07.223229 192.168.24.52:1135 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1746
***AP*** Seq: 0x20A95585  Ack: 0xF19CD46F  Win: 0x2426  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/30-07:27:46.407345 192.168.24.52:1150 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1765
***AP*** Seq: 0xA2B80B85  Ack: 0x778D0C17  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/30-23:29:01.637024 192.168.24.52:1973 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:23062 IpLen:20 DgmLen:660 DF
***AP*** Seq: 0x1BC46949  Ack: 0x9F90CE90  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
05/31-22:41:09.181469 192.168.24.52:2124 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2524
***AP*** Seq: 0x20F0DF59  Ack: 0xB9B44231  Win: 0x2E10  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/31-22:47:51.019965 192.168.24.52:2138 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:61627 IpLen:20 DgmLen:144 DF
***AP*** Seq: 0x759441B4  Ack: 0x397E4923  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
05/31-22:57:02.010119 192.168.24.52:2150 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:62084 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x2878BA62  Ack: 0x5CFA756D  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/01-23:38:16.321920 192.168.24.52:2048 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1288
***AP*** Seq: 0x4779D0D1  Ack: 0x2CE57F86  Win: 0xFB34  TcpLen: 20

[**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**]
06/02-23:16:42.356543 192.168.24.52:1149 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:5093
***AP*** Seq: 0x10674E60  Ack: 0x93A0B69  Win: 0x66A1  TcpLen: 20

[**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**]
06/02-23:19:17.096305 192.168.24.52:1209 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2702
***AP*** Seq: 0x1BEEBF6A  Ack: 0x9D4BF8C6  Win: 0x2D00  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
06/02-23:26:03.428894 192.168.24.52:1235 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:6544 IpLen:20 DgmLen:790 DF
***AP*** Seq: 0xA2E3F9AF  Ack: 0x34BBC6BA  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/03-10:57:04.900297 192.168.24.52:1361 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1799
***AP*** Seq: 0x61E27DE7  Ack: 0xF5A76162  Win: 0x247A  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/03-11:12:07.889064 192.168.24.52:1395 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1912
***AP*** Seq: 0x9B3E492D  Ack: 0x8909EEA9  Win: 0x2AA8  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/03-12:14:59.917094 192.168.24.52:1558 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2066
***AP*** Seq: 0xDA95C167  Ack: 0x877E13DA  Win: 0xFB1C  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
06/03-21:52:59.559741 192.168.24.52:1535 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:16193 IpLen:20 DgmLen:1242 DF
***AP*** Seq: 0xDDC44D2F  Ack: 0xC218118  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
06/04-22:29:37.774936 192.168.24.52:1792 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:25269 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0xBBF23429  Ack: 0xCB246933  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/04-23:31:49.969052 192.168.24.52:1879 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1080
***AP*** Seq: 0x3643913B  Ack: 0xB5683E3A  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/04-23:51:46.868114 192.168.24.52:1940 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:6958
***AP*** Seq: 0x5E89D6  Ack: 0xDBDBD5DA  Win: 0x4F90  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/05-00:01:48.531001 192.168.24.52:1952 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:972
***AP*** Seq: 0xA92A2683  Ack: 0x26D3A42E  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
06/05-23:44:47.842802 192.168.24.52:1908 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:37699 IpLen:20 DgmLen:1046 DF
***AP*** Seq: 0x199E1067  Ack: 0x1BBED6D6  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:10:15.082973 192.168.24.52:2142 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0xA175E286  Ack: 0x7B6C5CC3  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:14:19.293707 192.168.24.52:2147 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0x3155347  Ack: 0x8B3C7AD5  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:14:48.859438 192.168.24.52:2148 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1121
***AP*** Seq: 0xF33286CA  Ack: 0x8CD62602  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:15:31.612030 192.168.24.52:2150 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0xC0A0AEA6  Ack: 0x8F25B094  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:17:29.757596 192.168.24.52:2151 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0x97BC1E3D  Ack: 0x970331F2  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:24:54.335304 192.168.24.52:2228 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0xE80F7558  Ack: 0xB27F09A3  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:25:39.522451 192.168.24.52:2229 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0x8E415061  Ack: 0xB586A27F  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:27:05.596732 192.168.24.52:2231 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1121
***AP*** Seq: 0xB1D12729  Ack: 0xBBCECA58  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-00:27:33.268613 192.168.24.52:2232 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1122
***AP*** Seq: 0x9E587FD3  Ack: 0xBD6C15B5  Win: 0xFB34  TcpLen: 20

[**] [119:7:1] (http_inspect) IIS UNICODE CODEPOINT ENCODING [**]
06/06-22:42:14.155879 192.168.24.52:1404 -> 192.168.24.11:80
TCP TTL:128 TOS:0x0 ID:12629 IpLen:20 DgmLen:1438 DF
***A**** Seq: 0x23753A66  Ack: 0x65A2E89D  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-22:46:30.246846 192.168.24.52:1410 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1762
***AP*** Seq: 0xE010D677  Ack: 0x7605E933  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-22:46:30.448410 192.168.24.52:1411 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1138
***AP*** Seq: 0x1DEE9483  Ack: 0x7607B3B5  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-22:52:18.778204 192.168.24.52:1433 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2072
***AP*** Seq: 0xDC566F14  Ack: 0x8B7F7AA1  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-22:54:30.782977 192.168.24.52:1442 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:3504
***AP*** Seq: 0x92A75470  Ack: 0xD6DA1092  Win: 0x3644  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-22:57:13.991895 192.168.24.52:1454 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:2302
***AP*** Seq: 0x9DAE684F  Ack: 0x3377672D  Win: 0x27A5  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-23:01:23.488875 192.168.24.52:1476 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1179
***AP*** Seq: 0x68D63380  Ack: 0xADF164BD  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-23:09:09.201027 192.168.24.52:1518 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1705
***AP*** Seq: 0xC9C051EC  Ack: 0x1E3ED630  Win: 0x22FB  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-23:09:15.636417 192.168.24.52:1520 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1706
***AP*** Seq: 0xE9305A72  Ack: 0xCBC1CCB0  Win: 0xFB34  TcpLen: 20

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
06/06-23:15:50.435904 192.168.24.52:1549 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:1705
***AP*** Seq: 0x12E29F14  Ack: 0xE3C040BC  Win: 0xFB34  TcpLen: 20

Go to: previous range, next range, all alerts, overview page

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Fri Jul 30 05:05:23 2010

192.168.24.52	Whois lookup at:	ARIN	RIPE	APNIC	Geektools
	DNS lookup at:	Amenesi	TRIUMF	Princeton
	More lookup links:	Dshield	Sam Spade