SnortSnarf start page

All Snort signatures

SnortSnarf v021111.1

Signature section (16810)

Top 20 source IPs

Top 20 dest IPs

16810 alerts found using input module SnortFileInput, with sources:

/var/log/snort/alert

Earliest alert at 05:22:46.109645 on 09/14/2009
Latest alert at 03:01:30.602679 on 09/14/2010

Priority	Signature (click for sig info)	# Alerts	# Sources	# Dests	Detail link
N/A	(http_inspect) DOUBLE DECODING ATTACK	4	1	1	Summary
N/A	(snort_decoder) WARNING: TCP Data Offset is less than 5!	13	5	1	Summary
N/A	(http_inspect) OVERSIZE REQUEST-URI DIRECTORY	50	16	1	Summary
N/A	(http_inspect) OVERSIZE CHUNK ENCODING	57	36	1	Summary
N/A	(http_inspect) IIS UNICODE CODEPOINT ENCODING	347	6	1	Summary
N/A	(http_inspect) BARE BYTE UNICODE ENCODING	432	51	1	Summary
3	ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited [sid]	3	3	1	Summary
3	ICMP Destination Unreachable Communication Administratively Prohibited [sid]	42	12	1	Summary
2	WEB-MISC long basic authorization string [sid] [BUGTRAQ]	1	1	1	Summary
2	SNMP private access udp [sid] [BUGTRAQ]	2	1	1	Summary
2	SNMP public access udp [sid] [BUGTRAQ]	2	1	1	Summary
2	WEB-MISC WebDAV search access [sid] [arachNIDS]	2	2	1	Summary
2	WEB-MISC /etc/passwd [sid]	3	3	1	Summary
2	ATTACK-RESPONSES 403 Forbidden [sid]	3	1	1	Summary
2	SNMP request udp [sid] [BUGTRAQ]	4	2	1	Summary
2	IMAP authenticate overflow attempt [sid] [CVE]	5	3	1	Summary
2	WEB-FRONTPAGE /_vti_bin/ access [cgi.nessus.org] [sid]	6	5	1	Summary
2	ATTACK-RESPONSES id check returned root [sid]	8	2	2	Summary
2	WEB-MISC apache directory disclosure attempt [sid] [BUGTRAQ]	9	7	1	Summary
2	WEB-PHP test.php access [cgi.nessus.org] [sid]	13	1	1	Summary
2	WEB-MISC http directory traversal [sid] [arachNIDS]	38	18	1	Summary
2	WEB-IIS view source via translate header [sid] [arachNIDS]	85	74	1	Summary
2	WEB-MISC Invalid HTTP Version String [sid] [BUGTRAQ]	144	54	1	Summary
2	IMAP status overflow attempt [sid] [BUGTRAQ]	256	7	1	Summary
2	IMAP fetch overflow attempt [sid] [BUGTRAQ]	470	11	1	Summary
2	WEB-MISC robots.txt access [cgi.nessus.org] [sid]	14771	651	1	Summary
1	WEB-MISC Cisco IOS HTTP configuration attempt [sid] [BUGTRAQ]	1	1	1	Summary
1	MS-SQL probe response overflow attempt [sid] [BUGTRAQ]	4	3	1	Summary
1	WEB-MISC cross site scripting attempt [sid]	4	1	1	Summary
1	WEB-PHP remote include path [sid]	5	3	1	Summary
1	WEB-MISC Chunked-Encoding transfer attempt [sid] [BUGTRAQ]	9	3	1	Summary
1	NETBIOS SMB trans2open buffer overflow attempt [sid] [BUGTRAQ]	17	4	1	Summary

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Tue Sep 14 05:05:16 2010