[Silicon Defense logo]

SnortSnarf alert page

Source: 72.30.107.29

SnortSnarf v021111.1

Signature section (16810)Top 20 source IPsTop 20 dest IPs

43 such alerts found using input module SnortFileInput, with sources:
Earliest: 08:29:14.763101 on 07/08/2010
Latest: 03:07:35.385166 on 07/22/2010

1 different signatures are present for 72.30.107.29 as a source

There are 1 distinct destination IPs in the alerts of the type on this page.

72.30.107.29 Whois lookup at: ARIN RIPE APNIC Geektools
DNS lookup at: Amenesi TRIUMF Princeton
More lookup links: Dshield Sam Spade

[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-08:29:14.763101 72.30.107.29:53637 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAF88EC35 Ack: 0x7F54589F Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-10:31:46.042558 72.30.107.29:57926 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7ED0F57C Ack: 0x4DFCD49E Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-11:56:16.528830 72.30.107.29:57353 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBE8D8A74 Ack: 0x8DAE3CC3 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-13:14:17.165362 72.30.107.29:33486 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE59EB85E Ack: 0xB3B01DE3 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-14:40:44.666095 72.30.107.29:52093 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2B89B3E2 Ack: 0xFA13E153 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-16:26:48.338586 72.30.107.29:44064 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBB793549 Ack: 0x8AF1D8F4 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-17:15:43.454667 72.30.107.29:51298 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x748E1570 Ack: 0x43466692 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-19:19:42.186537 72.30.107.29:33337 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x49040720 Ack: 0x1770FBFF Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-20:43:17.694656 72.30.107.29:37236 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8443D12D Ack: 0x536C28A9 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/08-23:09:08.567167 72.30.107.29:56073 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xAB07CF0A Ack: 0x7A4215AB Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-00:13:27.831141 72.30.107.29:44316 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9DF34984 Ack: 0x6CCE871E Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-01:38:46.023332 72.30.107.29:35588 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDF7A866B Ack: 0xAED43C78 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-02:45:43.208149 72.30.107.29:55852 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xDD8060F7 Ack: 0xABB0C1EB Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-04:46:25.235476 72.30.107.29:38166 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA4BCC8F5 Ack: 0x74717D2D Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-15:21:13.767625 72.30.107.29:51147 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x226A612 Ack: 0xD17B5DC0 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-17:22:48.111674 72.30.107.29:54656 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xCD755F48 Ack: 0x9C22B597 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-19:45:16.087952 72.30.107.29:59476 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xE7557AB5 Ack: 0xB50543A6 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-21:47:19.518571 72.30.107.29:43285 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB46A32AF Ack: 0x8384773A Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/09-23:26:11.802223 72.30.107.29:48683 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x293200D3 Ack: 0xF7F3D6F9 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-00:29:38.171153 72.30.107.29:41746 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x191F2E69 Ack: 0xE72EF071 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-02:50:52.110173 72.30.107.29:47561 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2E21BF64 Ack: 0xFCDB71CB Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-04:01:53.319168 72.30.107.29:45512 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x3AA1C6A3 Ack: 0x980199F Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-05:16:59.210281 72.30.107.29:39895 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x564267AD Ack: 0x2589432E Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-06:37:18.206804 72.30.107.29:41189 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x84F55F2A Ack: 0x54910338 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-08:00:22.805964 72.30.107.29:59693 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xBF22230F Ack: 0x8D20AB7B Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-09:27:34.140194 72.30.107.29:54156 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x8697398 Ack: 0xD72A8931 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-11:13:46.805215 72.30.107.29:37384 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x98A9053B Ack: 0x68246C41 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-12:13:54.022911 72.30.107.29:58986 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7D9BCAE1 Ack: 0x4AC7723F Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-13:22:45.537448 72.30.107.29:48336 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x80DBB1B7 Ack: 0x4FD6720D Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-14:30:49.483970 72.30.107.29:33645 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x81C6A5A0 Ack: 0x501B0CB7 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-15:10:59.373197 72.30.107.29:54030 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x1994BE86 Ack: 0xE7713719 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-17:30:12.066448 72.30.107.29:39654 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x2760F8BD Ack: 0xF5C9C68A Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-18:24:18.548351 72.30.107.29:35916 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF36532AE Ack: 0xC2459CF8 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-21:02:23.431121 72.30.107.29:37613 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x48885D5F Ack: 0x178AC221 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-22:35:43.235933 72.30.107.29:48910 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xA88600A3 Ack: 0x77637D18 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/10-23:51:28.275243 72.30.107.29:32928 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x6589E41C Ack: 0x959E933F Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/11-01:05:50.276307 72.30.107.29:51585 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x7F426B12 Ack: 0xADCDF1C2 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/21-19:57:35.852691 72.30.107.29:54596 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x9B648E2D Ack: 0xCB29F5D5 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/21-21:12:51.245634 72.30.107.29:50128 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xB7C99A60 Ack: 0xE72CC46C Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/21-22:53:31.621543 72.30.107.29:38025 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x34508D76 Ack: 0x633A47D6 Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/22-00:05:42.272442 72.30.107.29:48780 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x43D03BD1 Ack: 0x734478CE Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/22-01:14:11.302969 72.30.107.29:42213 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0x47434FF1 Ack: 0x76589E7C Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
[**] [1:1852:3] WEB-MISC robots.txt access [**]
[Classification: access to a potentially vulnerable web application] [Priority: 2]
07/22-03:07:35.385166 72.30.107.29:48143 -> 192.168.24.11:80
TCP TTL:240 TOS:0x10 ID:0 IpLen:20 DgmLen:232
***AP*** Seq: 0xF31CDAC9 Ack: 0x22A809CB Win: 0x5C TcpLen: 20
[Xref => http://cgi.nessus.org/plugins/dump.php3?id=10302]
SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:24 2010