wiki:ExperimentLog_3

程式碼:

    public void map(WritableComparable key, Text value,

         .............

      // Pack the alert's attributes into a single "key=value;key=value" string;
      // this string becomes the cell value written below.
      // NOTE(review): the fields are joined with ';' and '=' without escaping, so a
      // field value that itself contains either character cannot be split back
      // unambiguously by a reader. Confirm the parsed alert fields never contain
      // them, or escape them before concatenating.
      String property_name = "name=" + log.alert_name + ";priority="
          + log.priority + ";class=" + log.class_type + ";dst_port="
          + log.dstport + ";type=" + log.type;
      // The row key is the alert's destination address, so all alerts aimed at one
      // host land in the same row. The commit for this lockId is not shown in this excerpt.
      long lockId = table.startUpdate(new Text(log.destination));
      // The column is "SourceSID:<source>(<sid>)" and carries no timestamp or counter.
      // NOTE(review): a repeated alert with the same destination, source and sid is
      // written to the same row/column, so occurrence counts and first/last-seen times
      // are not recoverable from the column name alone. Confirm that repeats are
      // not silently collapsed if this table is used for triage.
      // NOTE(review): getBytes() without a charset uses the platform default encoding;
      // a reader on a host with a different default may decode the value differently.
      table.put(lockId, new Text("SourceSID:" + log.source + "("
          + log.sid+")"), property_name.getBytes());


          ............

  public static void creatTable(String table) throws IOException {
                          ........

      // Adds the "SourceSID:" column family; the map() excerpt above stores each
      // alert as a "SourceSID:<source>(<sid>)" column inside this family.
      // NOTE(review): only the family name is passed here, so version retention and
      // other family settings fall to HColumnDescriptor's defaults. Confirm they
      // match how repeated alerts for the same source/sid should be kept.
      tableDesc.addFamily(new HColumnDescriptor("SourceSID:"));
        }

執行結果（row key 為目的端 IP；同一個 row key 底下的每個 SourceSID 欄位各印成一行，所以下面列出的行數會多於 shell 回報的 row(s) 數）

select * from NewTable1;

98 row(s) in set. (0.46 sec)

Row Column Cell
105.175.203.246 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
105.219.67.188 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
108.69.106.249 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
111.243.168.133 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
111.87.222.49 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
117.35.249.36 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
123.154.36.61 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
124.47.161.50 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3729;type=TCP
133.84.11.26 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
135.99.60.82 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
140.110.138.192 SourceSID:140.110.138.191(100000137) name=COMMUNITY MISC BAD-SSL tcp detect ;priority=3;class=Misc activity;dst_port=39014;type=TCP
142.22.78.231 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
145.127.244.37 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
16.197.30.30 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
165.228.223.251 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3706;type=TCP
167.85.69.97 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.1 SourceSID:168.150.177.165(19) name=(portscan) UDP Portsweep ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
168.150.177.1 SourceSID:168.150.177.165(1917) name=SCAN UPnP service discover attempt ;priority=3;class=Detection of a Network Scan;dst_port=1900;type=UDP
168.150.177.115 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.115 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:12.176.80.239(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:12.215.86.115(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:124.106.228.183(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:124.47.161.50(2403) name=NETBIOS SMB Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=139;type=TCP
168.150.177.165 SourceSID:124.47.161.50(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:124.60.120.214(538) name=NETBIOS SMB IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=139;type=TCP
168.150.177.165 SourceSID:125.203.127.46(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:125.203.127.46(2514) name=NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:143.238.254.172(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:151.205.152.150(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:165.228.223.251(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:168.150.177.1(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:168.160.224.133(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:168.226.136.174(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:168.226.136.174(2514) name=NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:168.226.4.156(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:168.226.4.156(3003) name=NETBIOS SMB-DS Session Setup NTMLSSP unicode asn1 overflow attempt ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:169.237.5.23(366) name=ICMP PING *NIX ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:169.237.5.23(368) name=ICMP PING BSDtype ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:169.237.5.23(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:169.237.7.180(366) name=ICMP PING *NIX ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:169.237.7.180(368) name=ICMP PING BSDtype ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:169.237.7.180(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:170.163.160.201(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:172.131.96.11(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:172.145.36.246(18) name=(portscan) UDP Decoy Portscan ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
168.150.177.165 SourceSID:172.209.45.131(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:195.180.37.6(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:200.105.199.142(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:200.171.140.70(399) name=ICMP Destination Unreachable Host Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:200.207.41.77(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:200.41.26.131(401) name=ICMP Destination Unreachable Network Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:202.56.255.38(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:202.97.193.72(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:206.159.178.239(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:206.162.170.188(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:207.155.240.226(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:207.255.108.7(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:208.28.150.10(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:211.59.225.76(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:212.123.21.67(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:212.175.111.242(2403) name=NETBIOS SMB Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=139;type=TCP
168.150.177.165 SourceSID:212.175.111.242(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:212.175.208.47(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:213.139.233.82(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:213.226.248.12(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:213.92.32.16(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:216.138.123.38(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:216.230.44.131(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:216.241.50.148(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:218.163.231.62(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:218.170.102.140(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:218.219.220.239(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:218.219.220.239(2514) name=NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:219.117.242.253(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:219.164.3.40(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:219.164.3.40(2514) name=NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:219.235.49.90(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:219.47.72.53(2182) name=BACKDOOR typot trojan traffic ;priority=1;class=A Network Trojan was detected;dst_port=55728;type=TCP
168.150.177.165 SourceSID:220.144.91.32(2182) name=BACKDOOR typot trojan traffic ;priority=1;class=A Network Trojan was detected;dst_port=55728;type=TCP
168.150.177.165 SourceSID:220.79.110.181(372) name=ICMP PING Delphi-Piette Windows ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:220.79.110.181(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:222.100.101.2(2) name=(portscan) TCP Decoy Portscan ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
168.150.177.165 SourceSID:222.139.201.232(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:222.212.64.198(530) name=NETBIOS NT NULL session ;priority=2;class=Attempted Information Leak;dst_port=139;type=TCP
168.150.177.165 SourceSID:222.233.63.49(538) name=NETBIOS SMB IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=139;type=TCP
168.150.177.165 SourceSID:24.105.187.229(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:24.7.178.192(1411) name=SNMP public access udp ;priority=2;class=Attempted Information Leak;dst_port=161;type=UDP
168.150.177.165 SourceSID:24.7.178.192(1417) name=SNMP request udp ;priority=2;class=Attempted Information Leak;dst_port=161;type=UDP
168.150.177.165 SourceSID:24.7.178.192(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:24.96.107.24(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:58.107.83.219(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:58.238.103.14(2403) name=NETBIOS SMB Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=139;type=TCP
168.150.177.165 SourceSID:59.114.124.128(2403) name=NETBIOS SMB Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=139;type=TCP
168.150.177.165 SourceSID:60.173.70.174(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:60.234.234.235(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:60.8.86.98(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:61.120.225.67(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:61.57.245.34(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:62.238.255.201(399) name=ICMP Destination Unreachable Host Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:62.35.20.128(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:62.62.141.11(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:63.161.52.34(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:63.87.226.35(2403) name=NETBIOS SMB Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=139;type=TCP
168.150.177.165 SourceSID:63.87.226.35(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:63.90.117.56(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:64.132.169.61(538) name=NETBIOS SMB IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=139;type=TCP
168.150.177.165 SourceSID:64.148.211.242(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:64.148.211.242(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:64.201.236.198(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:65.106.97.11(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:66.66.255.9(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:68.10.140.78(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:68.229.220.72(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:68.255.112.117(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:68.52.58.192(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:68.52.58.192(469) name=ICMP PING NMAP ;priority=2;class=Attempted Information Leak;dst_port=0;type=ICMP
168.150.177.165 SourceSID:69.204.206.39(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:70.144.239.205(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:70.150.95.119(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:70.20.129.58(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:71.99.253.94(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:72.242.6.121(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:74.130.69.42(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:80.143.2.4(485) name=ICMP Destination Unreachable Communication Administratively Prohibited ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:80.183.136.26(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:80.187.4.226(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:80.203.220.210(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:80.203.220.210(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:81.211.124.57(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:83.229.70.170(2466) name=NETBIOS SMB-DS IPC$ unicode share access ;priority=3;class=Generic Protocol Command Decode;dst_port=445;type=TCP
168.150.177.165 SourceSID:84.131.4.249(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:84.152.165.254(485) name=ICMP Destination Unreachable Communication Administratively Prohibited ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:84.94.132.18(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:85.105.136.12(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:85.108.165.183(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:85.64.246.247(2351) name=NETBIOS DCERPC ISystemActivator path overflow attempt little endian unicode ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=135;type=TCP
168.150.177.165 SourceSID:85.97.114.6(255) name=(snort_decoder) WARNING: ICMP Original IP Fragmented and Offset Not 0! ;priority=3;class=Port Scan;dst_port=0;type=ICMP
168.150.177.165 SourceSID:85.97.114.6(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:87.202.139.118(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
168.150.177.165 SourceSID:87.219.188.122(2404) name=NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt ;priority=1;class=Attempted Administrator Privilege Gain;dst_port=445;type=TCP
168.150.177.165 SourceSID:87.219.188.122(399) name=ICMP Destination Unreachable Host Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
169.237.5.23 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
169.237.7.180 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
172.145.36.246 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
174.46.118.149 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
176.232.251.36 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
180.211.173.54 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
182.227.184.247 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
195.180.37.6 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=4626;type=TCP
198.227.98.132 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
20.219.102.10 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
20.46.179.49 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
200.105.199.142 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3856;type=TCP
200.207.41.77 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=2591;type=TCP
202.97.193.72 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
202.99.172.171 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
202.99.172.172 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
204.16.208.61 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
205.152.165.102 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
206.159.178.239 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=1581;type=TCP
206.162.170.188 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=2637;type=TCP
207.210.240.12 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
207.210.240.22 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
207.220.248.51 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
207.56.212.95 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
210.185.223.146 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
212.175.111.242 SourceSID:168.150.177.165(1) name=(portscan) TCP Portscan ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
212.175.111.242 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=1582;type=TCP
212.175.208.47 SourceSID:168.150.177.165(1) name=(portscan) TCP Portscan ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
212.175.208.47 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=1753;type=TCP
212.187.177.228 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
213.35.7.207 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
217.208.68.90 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
219.117.242.253 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=2120;type=TCP
22.221.10.223 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
220.79.110.181 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
221.203.145.56 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
221.203.145.73 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
221.203.145.74 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
221.203.189.44 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
222.26.224.140 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
223.124.151.30 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
224.0.0.1 SourceSID:140.110.138.5(382) name=ICMP PING Windows ;priority=3;class=Misc activity;dst_port=0;type=ICMP
224.0.0.1 SourceSID:140.110.138.5(384) name=ICMP PING ;priority=3;class=Misc activity;dst_port=0;type=ICMP
224.0.0.13 SourceSID:140.110.138.253(2189) name=BAD-TRAFFIC IP Proto 103 PIM ;priority=2;class=Detection of a non-standard protocol or event;dst_port=0;type=PIM
23.227.229.222 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
239.255.255.250 SourceSID:168.150.177.165(1917) name=SCAN UPnP service discover attempt ;priority=3;class=Detection of a Network Scan;dst_port=1900;type=UDP
24.105.187.229 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3641;type=TCP
24.7.178.192 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
24.7.178.192 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
24.96.107.24 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
34.168.1.34 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
36.57.178.19 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
37.12.58.204 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
39.162.217.80 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
39.227.15.107 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
43.89.251.229 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
57.61.61.63 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
58.47.158.247 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
60.8.86.98 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
61.156.42.101 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
61.156.42.103 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
61.186.97.131 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
63.87.226.35 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3042;type=TCP
63.90.117.56 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3633;type=TCP
64.148.211.242 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=1185;type=TCP
64.201.236.198 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3227;type=TCP
65.114.168.237 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
66.103.174.225 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
66.35.192.227 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
68.116.49.23 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=60667;type=TCP
68.254.5.217 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=4243;type=TCP
68.52.58.192 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
70.20.129.58 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=2688;type=TCP
8.173.117.77 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
8.34.19.235 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
80.203.220.210 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=1662;type=TCP
80.203.220.210 SourceSID:168.150.177.165(408) name=ICMP Echo Reply ;priority=3;class=Misc activity;dst_port=0;type=ICMP
80.252.21.163 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
82.70.205.178 SourceSID:168.150.177.165(2924) name=NETBIOS SMB-DS repeated logon failure ;priority=1;class=Unsuccessful User Privilege Gain;dst_port=3745;type=TCP
82.70.205.178 SourceSID:168.150.177.165(3) name=(portscan) TCP Portsweep ;priority=3;class=Port Scan;dst_port=0;type=PROTO:255
83.220.74.162 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
91.156.41.244 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
95.105.169.35 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
95.149.33.232 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP
97.76.172.44 SourceSID:168.150.177.165(402) name=ICMP Destination Unreachable Port Unreachable ;priority=3;class=Misc activity;dst_port=0;type=ICMP