Row
|
Column
|
Cell
|
105.175.203.246<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 105.175.203.246:0
|
105.175.203.246<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
105.175.203.246<=402
|
payload:ICMP
|
ICMP
|
105.219.67.188<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 105.219.67.188:0
|
105.219.67.188<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
105.219.67.188<=402
|
payload:ICMP
|
ICMP
|
108.69.106.249<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 108.69.106.249:0
|
108.69.106.249<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
108.69.106.249<=402
|
payload:ICMP
|
ICMP
|
111.243.168.133<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 111.243.168.133:0
|
111.243.168.133<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
111.243.168.133<=402
|
payload:ICMP
|
ICMP
|
111.87.222.49<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 111.87.222.49:0
|
111.87.222.49<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
111.87.222.49<=402
|
payload:ICMP
|
ICMP
|
117.35.249.36<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 117.35.249.36:0
|
117.35.249.36<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
117.35.249.36<=402
|
payload:ICMP
|
ICMP
|
123.154.36.61<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 123.154.36.61:0
|
123.154.36.61<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
123.154.36.61<=402
|
payload:ICMP
|
ICMP
|
124.47.161.50<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 124.47.161.50:3729
|
124.47.161.50<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
124.47.161.50<=2924
|
payload:TCP
|
TCP
|
133.84.11.26<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 133.84.11.26:0
|
133.84.11.26<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
133.84.11.26<=402
|
payload:ICMP
|
ICMP
|
135.99.60.82<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 135.99.60.82:0
|
135.99.60.82<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
135.99.60.82<=402
|
payload:ICMP
|
ICMP
|
140.110.138.192<=100000137
|
from:140.110.138.191
|
140.110.138.191:24800 => 140.110.138.192:39014
|
140.110.138.192<=100000137
|
name:COMMUNITY MISC BAD-SSL tcp detect
|
priority=3class=Misc activity
|
140.110.138.192<=100000137
|
payload:TCP
|
TCP
|
142.22.78.231<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 142.22.78.231:0
|
142.22.78.231<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
142.22.78.231<=402
|
payload:ICMP
|
ICMP
|
145.127.244.37<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 145.127.244.37:0
|
145.127.244.37<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
145.127.244.37<=402
|
payload:ICMP
|
ICMP
|
16.197.30.30<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 16.197.30.30:0
|
16.197.30.30<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
16.197.30.30<=402
|
payload:ICMP
|
ICMP
|
165.228.223.251<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 165.228.223.251:3706
|
165.228.223.251<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
165.228.223.251<=2924
|
payload:TCP
|
TCP
|
167.85.69.97<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 167.85.69.97:0
|
167.85.69.97<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
167.85.69.97<=402
|
payload:ICMP
|
ICMP
|
168.150.177.115<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 168.150.177.115:0
|
168.150.177.115<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
168.150.177.115<=402
|
payload:ICMP
|
ICMP
|
168.150.177.115<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 168.150.177.115:0
|
168.150.177.115<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
168.150.177.115<=408
|
payload:ICMP
|
ICMP
|
168.150.177.165<=1411
|
from:24.7.178.192
|
24.7.178.192:35974 => 168.150.177.165:161
|
168.150.177.165<=1411
|
name:SNMP public access udp
|
priority=2class=Attempted Information Leak
|
168.150.177.165<=1411
|
payload:UDP
|
UDP
|
168.150.177.165<=1417
|
from:24.7.178.192
|
24.7.178.192:35974 => 168.150.177.165:161
|
168.150.177.165<=1417
|
name:SNMP request udp
|
priority=2class=Attempted Information Leak
|
168.150.177.165<=1417
|
payload:UDP
|
UDP
|
168.150.177.165<=18
|
from:172.145.36.246
|
172.145.36.246:0 => 168.150.177.165:0
|
168.150.177.165<=18
|
name:(portscan) UDP Decoy Portscan
|
priority=3class=Port Scan
|
168.150.177.165<=18
|
payload:PROTO:255
|
PROTO:255
|
168.150.177.165<=2
|
from:222.100.101.2
|
222.100.101.2:0 => 168.150.177.165:0
|
168.150.177.165<=2
|
name:(portscan) TCP Decoy Portscan
|
priority=3class=Port Scan
|
168.150.177.165<=2
|
payload:PROTO:255
|
PROTO:255
|
168.150.177.165<=2182
|
from:219.47.72.53
|
219.47.72.53:34664 => 168.150.177.165:55728
|
168.150.177.165<=2182
|
from:220.144.91.32
|
220.144.91.32:34664 => 168.150.177.165:55728
|
168.150.177.165<=2182
|
name:BACKDOOR typot trojan traffic
|
priority=1class=A Network Trojan was detected
|
168.150.177.165<=2182
|
payload:TCP
|
TCP
|
168.150.177.165<=2351
|
from:12.215.86.115
|
12.215.86.115:1725 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:143.238.254.172
|
143.238.254.172:38037 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:172.131.96.11
|
172.131.96.11:4125 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:172.209.45.131
|
172.209.45.131:4492 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:208.28.150.10
|
208.28.150.10:2327 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:213.139.233.82
|
213.139.233.82:29543 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:216.230.44.131
|
216.230.44.131:36188 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:58.107.83.219
|
58.107.83.219:61335 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:60.173.70.174
|
60.173.70.174:60112 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:60.234.234.235
|
60.234.234.235:4016 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:62.62.141.11
|
62.62.141.11:31463 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:69.204.206.39
|
69.204.206.39:3469 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:72.242.6.121
|
72.242.6.121:2825 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:80.183.136.26
|
80.183.136.26:3834 => 168.150.177.165:135
|
168.150.177.165<=2351
|
from:85.64.246.247
|
85.64.246.247:3083 => 168.150.177.165:135
|
168.150.177.165<=2351
|
name:NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode
|
priority=1class=Attempted Administrator Privilege Gain
|
168.150.177.165<=2351
|
payload:TCP
|
TCP
|
168.150.177.165<=2403
|
from:124.47.161.50
|
124.47.161.50:1029 => 168.150.177.165:139
|
168.150.177.165<=2403
|
from:212.175.111.242
|
212.175.111.242:1051 => 168.150.177.165:139
|
168.150.177.165<=2403
|
from:58.238.103.14
|
58.238.103.14:4507 => 168.150.177.165:139
|
168.150.177.165<=2403
|
from:59.114.124.128
|
59.114.124.128:62410 => 168.150.177.165:139
|
168.150.177.165<=2403
|
from:63.87.226.35
|
63.87.226.35:4201 => 168.150.177.165:139
|
168.150.177.165<=2403
|
name:NETBIOS SMB Session Setup AndX request unicode username overflow attempt
|
priority=1class=Attempted Administrator Privilege Gain
|
168.150.177.165<=2403
|
payload:TCP
|
TCP
|
168.150.177.165<=2404
|
from:124.47.161.50
|
124.47.161.50:3856 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:151.205.152.150
|
151.205.152.150:1362 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:165.228.223.251
|
165.228.223.251:4361 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:168.226.4.156
|
168.226.4.156:1707 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:195.180.37.6
|
195.180.37.6:4392 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:200.105.199.142
|
200.105.199.142:2233 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:200.207.41.77
|
200.207.41.77:2686 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:206.159.178.239
|
206.159.178.239:1505 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:206.162.170.188
|
206.162.170.188:3031 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:212.175.111.242
|
212.175.111.242:3100 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:212.175.208.47
|
212.175.208.47:2376 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:216.138.123.38
|
216.138.123.38:3046 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:218.163.231.62
|
218.163.231.62:3426 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:218.170.102.140
|
218.170.102.140:4913 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:219.117.242.253
|
219.117.242.253:2120 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:219.235.49.90
|
219.235.49.90:4842 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:24.105.187.229
|
24.105.187.229:3693 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:61.120.225.67
|
61.120.225.67:3712 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:62.35.20.128
|
62.35.20.128:2766 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:63.87.226.35
|
63.87.226.35:3102 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:63.90.117.56
|
63.90.117.56:4035 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:64.148.211.242
|
64.148.211.242:1817 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:64.201.236.198
|
64.201.236.198:3363 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:66.66.255.9
|
66.66.255.9:4042 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:70.150.95.119
|
70.150.95.119:3822 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:70.20.129.58
|
70.20.129.58:1774 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:71.99.253.94
|
71.99.253.94:1483 => 168.150.177.165:445
|
168.150.177.165<=2404
|
from:87.219.188.122
|
87.219.188.122:3609 => 168.150.177.165:445
|
168.150.177.165<=2404
|
name:NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt
|
priority=1class=Attempted Administrator Privilege Gain
|
168.150.177.165<=2404
|
payload:TCP
|
TCP
|
168.150.177.165<=2466
|
from:12.176.80.239
|
12.176.80.239:1352 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:125.203.127.46
|
125.203.127.46:1300 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:168.160.224.133
|
168.160.224.133:1549 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:168.226.136.174
|
168.226.136.174:4093 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:170.163.160.201
|
170.163.160.201:32410 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:202.56.255.38
|
202.56.255.38:46297 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:207.155.240.226
|
207.155.240.226:17507 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:212.123.21.67
|
212.123.21.67:5460 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:213.92.32.16
|
213.92.32.16:4755 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:216.241.50.148
|
216.241.50.148:3396 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:218.219.220.239
|
218.219.220.239:2594 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:219.164.3.40
|
219.164.3.40:4065 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:61.57.245.34
|
61.57.245.34:14634 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:63.161.52.34
|
63.161.52.34:6891 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:64.148.211.242
|
64.148.211.242:4201 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:65.106.97.11
|
65.106.97.11:3897 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:68.255.112.117
|
68.255.112.117:2198 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:74.130.69.42
|
74.130.69.42:2586 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:80.203.220.210
|
80.203.220.210:1646 => 168.150.177.165:445
|
168.150.177.165<=2466
|
from:83.229.70.170
|
83.229.70.170:3833 => 168.150.177.165:445
|
168.150.177.165<=2466
|
name:NETBIOS SMB-DS IPC$ unicode share access
|
priority=3class=Generic Protocol Command Decode
|
168.150.177.165<=2466
|
payload:TCP
|
TCP
|
168.150.177.165<=2514
|
from:125.203.127.46
|
125.203.127.46:1300 => 168.150.177.165:445
|
168.150.177.165<=2514
|
from:168.226.136.174
|
168.226.136.174:4093 => 168.150.177.165:445
|
168.150.177.165<=2514
|
from:218.219.220.239
|
218.219.220.239:2594 => 168.150.177.165:445
|
168.150.177.165<=2514
|
from:219.164.3.40
|
219.164.3.40:4065 => 168.150.177.165:445
|
168.150.177.165<=2514
|
name:NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt
|
priority=1class=Attempted Administrator Privilege Gain
|
168.150.177.165<=2514
|
payload:TCP
|
TCP
|
168.150.177.165<=255
|
from:85.97.114.6
|
85.97.114.6:0 => 168.150.177.165:0
|
168.150.177.165<=255
|
name:(snort_decoder) WARNING: ICMP Original IP Fragmented and Offset Not 0!
|
priority=3class=Port Scan
|
168.150.177.165<=255
|
payload:ICMP
|
ICMP
|
168.150.177.165<=3003
|
from:168.226.4.156
|
168.226.4.156:1707 => 168.150.177.165:445
|
168.150.177.165<=3003
|
name:NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt
|
priority=3class=Generic Protocol Command Decode
|
168.150.177.165<=3003
|
payload:TCP
|
TCP
|
168.150.177.165<=366
|
from:169.237.5.23
|
169.237.5.23:0 => 168.150.177.165:0
|
168.150.177.165<=366
|
from:169.237.7.180
|
169.237.7.180:0 => 168.150.177.165:0
|
168.150.177.165<=366
|
name:ICMP PING *NIX
|
priority=3class=Misc activity
|
168.150.177.165<=366
|
payload:ICMP
|
ICMP
|
168.150.177.165<=368
|
from:169.237.5.23
|
169.237.5.23:0 => 168.150.177.165:0
|
168.150.177.165<=368
|
from:169.237.7.180
|
169.237.7.180:0 => 168.150.177.165:0
|
168.150.177.165<=368
|
name:ICMP PING BSDtype
|
priority=3class=Misc activity
|
168.150.177.165<=368
|
payload:ICMP
|
ICMP
|
168.150.177.165<=372
|
from:220.79.110.181
|
220.79.110.181:0 => 168.150.177.165:0
|
168.150.177.165<=372
|
name:ICMP PING Delphi-Piette Windows
|
priority=3class=Misc activity
|
168.150.177.165<=372
|
payload:ICMP
|
ICMP
|
168.150.177.165<=384
|
from:169.237.5.23
|
169.237.5.23:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:169.237.7.180
|
169.237.7.180:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:202.97.193.72
|
202.97.193.72:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:220.79.110.181
|
220.79.110.181:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:24.7.178.192
|
24.7.178.192:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:24.96.107.24
|
24.96.107.24:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:60.8.86.98
|
60.8.86.98:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:68.52.58.192
|
68.52.58.192:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
from:80.203.220.210
|
80.203.220.210:0 => 168.150.177.165:0
|
168.150.177.165<=384
|
name:ICMP PING
|
priority=3class=Misc activity
|
168.150.177.165<=384
|
payload:ICMP
|
ICMP
|
168.150.177.165<=399
|
from:200.171.140.70
|
200.171.140.70:0 => 168.150.177.165:0
|
168.150.177.165<=399
|
from:62.238.255.201
|
62.238.255.201:0 => 168.150.177.165:0
|
168.150.177.165<=399
|
from:87.219.188.122
|
87.219.188.122:0 => 168.150.177.165:0
|
168.150.177.165<=399
|
name:ICMP Destination Unreachable Host Unreachable
|
priority=3class=Misc activity
|
168.150.177.165<=399
|
payload:ICMP
|
ICMP
|
168.150.177.165<=401
|
from:200.41.26.131
|
200.41.26.131:0 => 168.150.177.165:0
|
168.150.177.165<=401
|
name:ICMP Destination Unreachable Network Unreachable
|
priority=3class=Misc activity
|
168.150.177.165<=401
|
payload:ICMP
|
ICMP
|
168.150.177.165<=402
|
from:124.106.228.183
|
124.106.228.183:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:168.150.177.1
|
168.150.177.1:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:207.255.108.7
|
207.255.108.7:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:211.59.225.76
|
211.59.225.76:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:213.226.248.12
|
213.226.248.12:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:222.139.201.232
|
222.139.201.232:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:68.10.140.78
|
68.10.140.78:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:68.229.220.72
|
68.229.220.72:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:70.144.239.205
|
70.144.239.205:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:80.187.4.226
|
80.187.4.226:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:81.211.124.57
|
81.211.124.57:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:84.131.4.249
|
84.131.4.249:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:84.94.132.18
|
84.94.132.18:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:85.105.136.12
|
85.105.136.12:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:85.108.165.183
|
85.108.165.183:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:85.97.114.6
|
85.97.114.6:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
from:87.202.139.118
|
87.202.139.118:0 => 168.150.177.165:0
|
168.150.177.165<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
168.150.177.165<=402
|
payload:ICMP
|
ICMP
|
168.150.177.165<=469
|
from:68.52.58.192
|
68.52.58.192:0 => 168.150.177.165:0
|
168.150.177.165<=469
|
name:ICMP PING NMAP
|
priority=2class=Attempted Information Leak
|
168.150.177.165<=469
|
payload:ICMP
|
ICMP
|
168.150.177.165<=485
|
from:80.143.2.4
|
80.143.2.4:0 => 168.150.177.165:0
|
168.150.177.165<=485
|
from:84.152.165.254
|
84.152.165.254:0 => 168.150.177.165:0
|
168.150.177.165<=485
|
name:ICMP Destination Unreachable Communication Administratively Prohibited
|
priority=3class=Misc activity
|
168.150.177.165<=485
|
payload:ICMP
|
ICMP
|
168.150.177.165<=530
|
from:222.212.64.198
|
222.212.64.198:4113 => 168.150.177.165:139
|
168.150.177.165<=530
|
name:NETBIOS NT NULL session
|
priority=2class=Attempted Information Leak
|
168.150.177.165<=530
|
payload:TCP
|
TCP
|
168.150.177.165<=538
|
from:124.60.120.214
|
124.60.120.214:4460 => 168.150.177.165:139
|
168.150.177.165<=538
|
from:222.233.63.49
|
222.233.63.49:2146 => 168.150.177.165:139
|
168.150.177.165<=538
|
from:64.132.169.61
|
64.132.169.61:34944 => 168.150.177.165:139
|
168.150.177.165<=538
|
name:NETBIOS SMB IPC$ unicode share access
|
priority=3class=Generic Protocol Command Decode
|
168.150.177.165<=538
|
payload:TCP
|
TCP
|
168.150.177.1<=19
|
from:168.150.177.165
|
168.150.177.165:0 => 168.150.177.1:0
|
168.150.177.1<=19
|
name:(portscan) UDP Portsweep
|
priority=3class=Port Scan
|
168.150.177.1<=19
|
payload:PROTO:255
|
PROTO:255
|
168.150.177.1<=1917
|
from:168.150.177.165
|
168.150.177.165:13226 => 168.150.177.1:1900
|
168.150.177.1<=1917
|
name:SCAN UPnP service discover attempt
|
priority=3class=Detection of a Network Scan
|
168.150.177.1<=1917
|
payload:UDP
|
UDP
|
169.237.5.23<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 169.237.5.23:0
|
169.237.5.23<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
169.237.5.23<=408
|
payload:ICMP
|
ICMP
|
169.237.7.180<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 169.237.7.180:0
|
169.237.7.180<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
169.237.7.180<=408
|
payload:ICMP
|
ICMP
|
172.145.36.246<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 172.145.36.246:0
|
172.145.36.246<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
172.145.36.246<=402
|
payload:ICMP
|
ICMP
|
174.46.118.149<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 174.46.118.149:0
|
174.46.118.149<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
174.46.118.149<=402
|
payload:ICMP
|
ICMP
|
176.232.251.36<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 176.232.251.36:0
|
176.232.251.36<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
176.232.251.36<=402
|
payload:ICMP
|
ICMP
|
180.211.173.54<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 180.211.173.54:0
|
180.211.173.54<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
180.211.173.54<=402
|
payload:ICMP
|
ICMP
|
182.227.184.247<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 182.227.184.247:0
|
182.227.184.247<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
182.227.184.247<=402
|
payload:ICMP
|
ICMP
|
195.180.37.6<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 195.180.37.6:4626
|
195.180.37.6<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
195.180.37.6<=2924
|
payload:TCP
|
TCP
|
198.227.98.132<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 198.227.98.132:0
|
198.227.98.132<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
198.227.98.132<=402
|
payload:ICMP
|
ICMP
|
20.219.102.10<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 20.219.102.10:0
|
20.219.102.10<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
20.219.102.10<=402
|
payload:ICMP
|
ICMP
|
20.46.179.49<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 20.46.179.49:0
|
20.46.179.49<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
20.46.179.49<=402
|
payload:ICMP
|
ICMP
|
200.105.199.142<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 200.105.199.142:3856
|
200.105.199.142<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
200.105.199.142<=2924
|
payload:TCP
|
TCP
|
200.207.41.77<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 200.207.41.77:2591
|
200.207.41.77<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
200.207.41.77<=2924
|
payload:TCP
|
TCP
|
202.97.193.72<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 202.97.193.72:0
|
202.97.193.72<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
202.97.193.72<=408
|
payload:ICMP
|
ICMP
|
202.99.172.171<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 202.99.172.171:0
|
202.99.172.171<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
202.99.172.171<=402
|
payload:ICMP
|
ICMP
|
202.99.172.172<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 202.99.172.172:0
|
202.99.172.172<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
202.99.172.172<=402
|
payload:ICMP
|
ICMP
|
204.16.208.61<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 204.16.208.61:0
|
204.16.208.61<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
204.16.208.61<=402
|
payload:ICMP
|
ICMP
|
205.152.165.102<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 205.152.165.102:0
|
205.152.165.102<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
205.152.165.102<=402
|
payload:ICMP
|
ICMP
|
206.159.178.239<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 206.159.178.239:1581
|
206.159.178.239<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
206.159.178.239<=2924
|
payload:TCP
|
TCP
|
206.162.170.188<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 206.162.170.188:2637
|
206.162.170.188<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
206.162.170.188<=2924
|
payload:TCP
|
TCP
|
207.210.240.12<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 207.210.240.12:0
|
207.210.240.12<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
207.210.240.12<=402
|
payload:ICMP
|
ICMP
|
207.210.240.22<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 207.210.240.22:0
|
207.210.240.22<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
207.210.240.22<=402
|
payload:ICMP
|
ICMP
|
207.220.248.51<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 207.220.248.51:0
|
207.220.248.51<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
207.220.248.51<=402
|
payload:ICMP
|
ICMP
|
207.56.212.95<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 207.56.212.95:0
|
207.56.212.95<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
207.56.212.95<=402
|
payload:ICMP
|
ICMP
|
210.185.223.146<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 210.185.223.146:0
|
210.185.223.146<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
210.185.223.146<=402
|
payload:ICMP
|
ICMP
|
212.175.111.242<=1
|
from:168.150.177.165
|
168.150.177.165:0 => 212.175.111.242:0
|
212.175.111.242<=1
|
name:(portscan) TCP Portscan
|
priority=3class=Port Scan
|
212.175.111.242<=1
|
payload:PROTO:255
|
PROTO:255
|
212.175.111.242<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 212.175.111.242:1582
|
212.175.111.242<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
212.175.111.242<=2924
|
payload:TCP
|
TCP
|
212.175.208.47<=1
|
from:168.150.177.165
|
168.150.177.165:0 => 212.175.208.47:0
|
212.175.208.47<=1
|
name:(portscan) TCP Portscan
|
priority=3class=Port Scan
|
212.175.208.47<=1
|
payload:PROTO:255
|
PROTO:255
|
212.175.208.47<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 212.175.208.47:1753
|
212.175.208.47<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
212.175.208.47<=2924
|
payload:TCP
|
TCP
|
212.187.177.228<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 212.187.177.228:0
|
212.187.177.228<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
212.187.177.228<=402
|
payload:ICMP
|
ICMP
|
213.35.7.207<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 213.35.7.207:0
|
213.35.7.207<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
213.35.7.207<=402
|
payload:ICMP
|
ICMP
|
217.208.68.90<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 217.208.68.90:0
|
217.208.68.90<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
217.208.68.90<=402
|
payload:ICMP
|
ICMP
|
219.117.242.253<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 219.117.242.253:2120
|
219.117.242.253<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
219.117.242.253<=2924
|
payload:TCP
|
TCP
|
22.221.10.223<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 22.221.10.223:0
|
22.221.10.223<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
22.221.10.223<=402
|
payload:ICMP
|
ICMP
|
220.79.110.181<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 220.79.110.181:0
|
220.79.110.181<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
220.79.110.181<=408
|
payload:ICMP
|
ICMP
|
221.203.145.56<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 221.203.145.56:0
|
221.203.145.56<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
221.203.145.56<=402
|
payload:ICMP
|
ICMP
|
221.203.145.73<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 221.203.145.73:0
|
221.203.145.73<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
221.203.145.73<=402
|
payload:ICMP
|
ICMP
|
221.203.145.74<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 221.203.145.74:0
|
221.203.145.74<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
221.203.145.74<=402
|
payload:ICMP
|
ICMP
|
221.203.189.44<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 221.203.189.44:0
|
221.203.189.44<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
221.203.189.44<=402
|
payload:ICMP
|
ICMP
|
222.26.224.140<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 222.26.224.140:0
|
222.26.224.140<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
222.26.224.140<=402
|
payload:ICMP
|
ICMP
|
223.124.151.30<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 223.124.151.30:0
|
223.124.151.30<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
223.124.151.30<=402
|
payload:ICMP
|
ICMP
|
224.0.0.13<=2189
|
from:140.110.138.253
|
140.110.138.253:0 => 224.0.0.13:0
|
224.0.0.13<=2189
|
name:BAD-TRAFFIC IP Proto 103 PIM
|
priority=2class=Detection of a non-standard protocol or event
|
224.0.0.13<=2189
|
payload:PIM
|
PIM
|
224.0.0.1<=382
|
from:140.110.138.5
|
140.110.138.5:0 => 224.0.0.1:0
|
224.0.0.1<=382
|
name:ICMP PING Windows
|
priority=3class=Misc activity
|
224.0.0.1<=382
|
payload:ICMP
|
ICMP
|
224.0.0.1<=384
|
from:140.110.138.5
|
140.110.138.5:0 => 224.0.0.1:0
|
224.0.0.1<=384
|
name:ICMP PING
|
priority=3class=Misc activity
|
224.0.0.1<=384
|
payload:ICMP
|
ICMP
|
23.227.229.222<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 23.227.229.222:0
|
23.227.229.222<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
23.227.229.222<=402
|
payload:ICMP
|
ICMP
|
239.255.255.250<=1917
|
from:168.150.177.165
|
168.150.177.165:1028 => 239.255.255.250:1900
|
239.255.255.250<=1917
|
name:SCAN UPnP service discover attempt
|
priority=3class=Detection of a Network Scan
|
239.255.255.250<=1917
|
payload:UDP
|
UDP
|
24.105.187.229<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 24.105.187.229:3641
|
24.105.187.229<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
24.105.187.229<=2924
|
payload:TCP
|
TCP
|
24.7.178.192<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 24.7.178.192:0
|
24.7.178.192<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
24.7.178.192<=402
|
payload:ICMP
|
ICMP
|
24.7.178.192<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 24.7.178.192:0
|
24.7.178.192<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
24.7.178.192<=408
|
payload:ICMP
|
ICMP
|
24.96.107.24<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 24.96.107.24:0
|
24.96.107.24<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
24.96.107.24<=408
|
payload:ICMP
|
ICMP
|
34.168.1.34<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 34.168.1.34:0
|
34.168.1.34<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
34.168.1.34<=402
|
payload:ICMP
|
ICMP
|
36.57.178.19<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 36.57.178.19:0
|
36.57.178.19<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
36.57.178.19<=402
|
payload:ICMP
|
ICMP
|
37.12.58.204<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 37.12.58.204:0
|
37.12.58.204<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
37.12.58.204<=402
|
payload:ICMP
|
ICMP
|
39.162.217.80<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 39.162.217.80:0
|
39.162.217.80<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
39.162.217.80<=402
|
payload:ICMP
|
ICMP
|
39.227.15.107<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 39.227.15.107:0
|
39.227.15.107<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
39.227.15.107<=402
|
payload:ICMP
|
ICMP
|
43.89.251.229<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 43.89.251.229:0
|
43.89.251.229<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
43.89.251.229<=402
|
payload:ICMP
|
ICMP
|
57.61.61.63<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 57.61.61.63:0
|
57.61.61.63<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
57.61.61.63<=402
|
payload:ICMP
|
ICMP
|
58.47.158.247<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 58.47.158.247:0
|
58.47.158.247<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
58.47.158.247<=402
|
payload:ICMP
|
ICMP
|
60.8.86.98<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 60.8.86.98:0
|
60.8.86.98<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
60.8.86.98<=408
|
payload:ICMP
|
ICMP
|
61.156.42.101<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 61.156.42.101:0
|
61.156.42.101<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
61.156.42.101<=402
|
payload:ICMP
|
ICMP
|
61.156.42.103<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 61.156.42.103:0
|
61.156.42.103<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
61.156.42.103<=402
|
payload:ICMP
|
ICMP
|
61.186.97.131<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 61.186.97.131:0
|
61.186.97.131<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
61.186.97.131<=402
|
payload:ICMP
|
ICMP
|
63.87.226.35<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 63.87.226.35:3042
|
63.87.226.35<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
63.87.226.35<=2924
|
payload:TCP
|
TCP
|
63.90.117.56<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 63.90.117.56:3633
|
63.90.117.56<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
63.90.117.56<=2924
|
payload:TCP
|
TCP
|
64.148.211.242<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 64.148.211.242:1185
|
64.148.211.242<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
64.148.211.242<=2924
|
payload:TCP
|
TCP
|
64.201.236.198<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 64.201.236.198:3227
|
64.201.236.198<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
64.201.236.198<=2924
|
payload:TCP
|
TCP
|
65.114.168.237<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 65.114.168.237:0
|
65.114.168.237<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
65.114.168.237<=408
|
payload:ICMP
|
ICMP
|
66.103.174.225<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 66.103.174.225:0
|
66.103.174.225<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
66.103.174.225<=402
|
payload:ICMP
|
ICMP
|
66.35.192.227<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 66.35.192.227:0
|
66.35.192.227<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
66.35.192.227<=402
|
payload:ICMP
|
ICMP
|
68.116.49.23<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 68.116.49.23:60667
|
68.116.49.23<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
68.116.49.23<=2924
|
payload:TCP
|
TCP
|
68.254.5.217<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 68.254.5.217:4243
|
68.254.5.217<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
68.254.5.217<=2924
|
payload:TCP
|
TCP
|
68.52.58.192<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 68.52.58.192:0
|
68.52.58.192<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
68.52.58.192<=408
|
payload:ICMP
|
ICMP
|
70.20.129.58<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 70.20.129.58:2688
|
70.20.129.58<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
70.20.129.58<=2924
|
payload:TCP
|
TCP
|
8.173.117.77<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 8.173.117.77:0
|
8.173.117.77<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
8.173.117.77<=402
|
payload:ICMP
|
ICMP
|
8.34.19.235<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 8.34.19.235:0
|
8.34.19.235<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
8.34.19.235<=402
|
payload:ICMP
|
ICMP
|
80.203.220.210<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 80.203.220.210:1662
|
80.203.220.210<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
80.203.220.210<=2924
|
payload:TCP
|
TCP
|
80.203.220.210<=408
|
from:168.150.177.165
|
168.150.177.165:0 => 80.203.220.210:0
|
80.203.220.210<=408
|
name:ICMP Echo Reply
|
priority=3class=Misc activity
|
80.203.220.210<=408
|
payload:ICMP
|
ICMP
|
80.252.21.163<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 80.252.21.163:0
|
80.252.21.163<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
80.252.21.163<=402
|
payload:ICMP
|
ICMP
|
82.70.205.178<=2924
|
from:168.150.177.165
|
168.150.177.165:445 => 82.70.205.178:3745
|
82.70.205.178<=2924
|
name:NETBIOS SMB-DS repeated logon failure
|
priority=1class=Unsuccessful User Privilege Gain
|
82.70.205.178<=2924
|
payload:TCP
|
TCP
|
82.70.205.178<=3
|
from:168.150.177.165
|
168.150.177.165:0 => 82.70.205.178:0
|
82.70.205.178<=3
|
name:(portscan) TCP Portsweep
|
priority=3class=Port Scan
|
82.70.205.178<=3
|
payload:PROTO:255
|
PROTO:255
|
83.220.74.162<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 83.220.74.162:0
|
83.220.74.162<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
83.220.74.162<=402
|
payload:ICMP
|
ICMP
|
91.156.41.244<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 91.156.41.244:0
|
91.156.41.244<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
91.156.41.244<=402
|
payload:ICMP
|
ICMP
|
95.105.169.35<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 95.105.169.35:0
|
95.105.169.35<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
95.105.169.35<=402
|
payload:ICMP
|
ICMP
|
95.149.33.232<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 95.149.33.232:0
|
95.149.33.232<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
95.149.33.232<=402
|
payload:ICMP
|
ICMP
|
97.76.172.44<=402
|
from:168.150.177.165
|
168.150.177.165:0 => 97.76.172.44:0
|
97.76.172.44<=402
|
name:ICMP Destination Unreachable Port Unreachable
|
priority=3class=Misc activity
|
97.76.172.44<=402
|
payload:ICMP
|
ICMP
|