DCIP_20181029110718_20181101170719_102_168_8_80_p78D6J.pcap

MD5	a9e8e95cbd539ee56ee6127fe0a3b433
Submission Date	2018-11-04 08:27:00
Tags	(not set)

Alert 10

Showing 1-10 of 10 items.

Timestamp

Src Ip

Dest Ip

Alert Signature

2018-10-31T10:25:56.744438-0700

10.24.204.11

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-30T06:45:00.152931-0700

10.24.139.250

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-31T15:40:01.443130-0700

10.24.139.250

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-31T06:25:45.747339-0700

10.24.204.11

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-11-01T00:40:02.170864-0700

10.24.139.250

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-31T12:40:00.235786-0700

10.24.139.250

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-31T15:01:01.787095-0700

10.24.204.12

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-11-01T08:20:00.581629-0700

10.24.204.11

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-30T04:44:56.484772-0700

10.24.139.250

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

2018-10-30T13:20:00.685398-0700

10.24.204.11

102.168.8.80

ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection

DNS 0

#		Timestamp	Src Ip	Dest Ip	Dns Type	Resource Record Name	Resource Record Type	Resource Data
No results found.

TLS 0

#		Timestamp	Source IP	Destination IP	TLS Version	Server Name Indication
No results found.

TFTP 0

#	Timestamp	Src Ip	Dest Ip	Tftp Packet	Tftp File	Tftp Mode
No results found.

HTTP 0

#		Timestamp	Source	Hostname	Port	Method	URL	Status
No results found.

SMB 0

#		Timestamp	Src Ip	Dest Ip	SMB Dialect	Command	Session	Tree
No results found.

SMTP 0

#		Timestamp	Source	Destination	Email From	Email To	Subject
No results found.

Flow 183

Showing 1-20 of 183 items.

Timestamp

Flow Id

Event Type

Source

Source Port

Destination

Destination Port

Protocol

Host

2018-10-31T15:20:01.171715-0700

141481878764552

flow

10.24.139.250

57459

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1837121610504519

flow

10.24.139.250

52586

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1718138367409316

flow

10.24.139.250

55040

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

171877755546423

flow

10.24.204.11

61789

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1861652945334505

flow

10.24.204.11

61258

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1899117473233925

flow

10.24.204.11

57180

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1623434750406578

flow

10.24.204.11

61307

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1647452287161699

flow

10.24.139.250

60141

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

805557249205857

flow

10.24.204.11

61834

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1524119838011701

flow

10.24.204.11

60785

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

437490728577962

flow

10.24.204.11

57220

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1146844000381140

flow

10.24.139.250

62399

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1879305024989778

flow

10.24.204.11

60745

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1744314300959839

flow

10.24.139.250

57643

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1751488571717012

flow

10.24.139.250

52772

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1782206413926772

flow

10.24.139.250

55229

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

690769777180890

flow

10.24.139.250

59952

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1972253916749468

flow

10.24.204.12

56254

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1268779537441600

flow

10.24.139.250

60677

102.168.8.80

445

TCP

pcapanalyzer

2018-10-31T15:20:01.171715-0700

1832596622801476

flow

10.24.139.250

56067

102.168.8.80

445

TCP

pcapanalyzer

File 0

#		Timestamp	Source	Destination	File Name	File Magic	File Size
No results found.

Comments	(not set)

Update Download PCAP Delete