00.pcap

MD5: c3866f619e9dd74add82dce9b6c9481e
Submission Date: 2019-01-28 03:06:01
Tags: (not set)
Alert 78
Showing 61-78 of 78 items.
| # | Timestamp | Src Ip | Dest Ip | Alert Signature | P |
|---|---|---|---|---|---|
| 61 | 2006-10-04T18:25:20.810783-0700 | 192.168.1.1 | 203.140.25.50 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 62 | 2006-10-04T18:25:20.786316-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 63 | 2006-10-04T18:25:19.326116-0700 | 192.168.1.1 | 210.153.70.38 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 64 | 2006-10-04T18:25:20.817850-0700 | 192.168.1.1 | 203.140.25.50 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 65 | 2006-10-04T18:25:20.791599-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 66 | 2006-10-04T18:25:19.878710-0700 | 192.168.1.1 | 219.163.5.185 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 67 | 2006-10-04T18:25:19.886781-0700 | 192.168.1.1 | 219.163.5.185 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 68 | 2006-10-04T18:25:20.720190-0700 | 192.168.1.1 | 84.244.1.30 | ET TROJAN IRC Private message on non-standard port | * |
| 69 | 2006-10-04T18:25:20.768654-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 70 | 2006-10-04T18:25:20.796063-0700 | 192.168.1.1 | 203.140.25.50 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 71 | 2006-10-04T18:25:20.798675-0700 | 192.168.1.1 | 203.140.25.50 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 72 | 2006-10-04T18:25:20.806494-0700 | 192.168.1.1 | 203.140.25.50 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 73 | 2006-10-04T18:25:20.812296-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 74 | 2006-10-04T18:25:20.816597-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 75 | 2006-10-04T18:25:20.824988-0700 | 192.168.1.1 | 211.8.0.252 | ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi) | * |
| 76 | 2006-10-04T18:25:24.725852-0700 | 192.168.1.1 | 84.244.1.30 | ET TROJAN IRC Private message on non-standard port | * |
| 77 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | 84.244.1.30 | ET TROJAN Likely Bot Nick in IRC (Country Code ISO 3166-1 alpha-3 | * |
| 78 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | 84.244.1.30 | ET TROJAN SUSPICIOUS IRC - NICK and 3 Letter Country Code | * |
DNS 36
Showing 1-20 of 36 items.
| # | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data |
|---|---|---|---|---|---|---|---|
| 1 | 2006-10-04T18:25:13.857590-0700 | 192.168.1.1 | 192.168.1.254 | query | windowsupdate.microsoft.com | A | (not set) |
| 2 | 2006-10-04T18:25:14.625348-0700 | 192.168.1.254 | 192.168.1.1 | answer | windowsupdate.microsoft.com | A | (not set) |
| 3 | 2006-10-04T18:25:15.003214-0700 | 192.168.1.1 | 192.168.1.254 | query | w0rld.secilmisler.com | A | (not set) |
| 4 | 2006-10-04T18:25:15.397543-0700 | 192.168.1.254 | 192.168.1.1 | answer | w0rld.secilmisler.com | A | (not set) |
| 5 | 2006-10-04T18:25:15.582560-0700 | 192.168.1.1 | 192.168.1.254 | query | hpcgi1.nifty.com | A | (not set) |
| 6 | 2006-10-04T18:25:16.130081-0700 | 192.168.1.254 | 192.168.1.1 | answer | hpcgi1.nifty.com | A | (not set) |
| 7 | 2006-10-04T18:25:16.140423-0700 | 192.168.1.1 | 192.168.1.254 | query | www.age.ne.jp | A | (not set) |
| 8 | 2006-10-04T18:25:17.004796-0700 | 192.168.1.254 | 192.168.1.1 | answer | www.age.ne.jp | A | (not set) |
| 9 | 2006-10-04T18:25:17.015558-0700 | 192.168.1.1 | 192.168.1.254 | query | www.kinchan.net | A | (not set) |
| 10 | 2006-10-04T18:25:17.570360-0700 | 192.168.1.254 | 192.168.1.1 | answer | www.kinchan.net | A | (not set) |
| 11 | 2006-10-04T18:25:17.578683-0700 | 192.168.1.1 | 192.168.1.254 | query | cgi14.plala.or.jp | A | (not set) |
| 12 | 2006-10-04T18:25:18.589285-0700 | 192.168.1.1 | 192.168.1.254 | query | cgi14.plala.or.jp | A | (not set) |
| 13 | 2006-10-04T18:25:19.319279-0700 | 192.168.1.254 | 192.168.1.1 | answer | cgi14.plala.or.jp | A | (not set) |
| 14 | 2006-10-04T18:25:19.319501-0700 | 192.168.1.254 | 192.168.1.1 | answer | cgi14.plala.or.jp | A | (not set) |
| 15 | 2006-10-04T18:25:19.328933-0700 | 192.168.1.1 | 192.168.1.254 | query | yia.s22.xrea.com | A | (not set) |
| 16 | 2006-10-04T18:25:19.871919-0700 | 192.168.1.254 | 192.168.1.1 | answer | yia.s22.xrea.com | A | (not set) |
| 17 | 2006-10-04T18:25:19.881435-0700 | 192.168.1.1 | 192.168.1.254 | query | www2.dokidoki.ne.jp | A | (not set) |
| 18 | 2006-10-04T18:25:20.760952-0700 | 192.168.1.254 | 192.168.1.1 | answer | www2.dokidoki.ne.jp | A | (not set) |
| 19 | 2006-10-04T18:25:13.857590-0700 | 192.168.1.1 | 192.168.1.254 | query | windowsupdate.microsoft.com | A | (not set) |
| 20 | 2006-10-04T18:25:14.625348-0700 | 192.168.1.254 | 192.168.1.1 | answer | windowsupdate.microsoft.com | A | (not set) |
TLS 0
| # | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication |
|---|---|---|---|---|---|
No results found.
TFTP 0
| # | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode |
|---|---|---|---|---|---|---|
No results found.
HTTP 68
Showing 61-68 of 68 items.
| # | Timestamp | Source | Hostname | Port | Method | URL | Status |
|---|---|---|---|---|---|---|---|
| 61 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www2.dokidoki.ne.jp | 80 | GET | /tomocrus/cgi-bin/check/prxjdg.cgi | 404 |
| 62 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | hpcgi1.nifty.com | 80 | GET | /mute/c/prxjdg.cgi | 404 |
| 63 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www.age.ne.jp | 80 | GET | /x/maxwell/cgi-bin/prxjdg.cgi | 404 |
| 64 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www.age.ne.jp | 80 | GET | /x/maxwell/cgi-bin/prxjdg.cgi | 404 |
| 65 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www.kinchan.net | 80 | GET | /cgi-bin/proxy.cgi | 404 |
| 66 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | yia.s22.xrea.com | 80 | GET | /prxjdg.cgi | 404 |
| 67 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www.age.ne.jp | 80 | GET | /x/maxwell/cgi-bin/prxjdg.cgi | 404 |
| 68 | 2006-10-04T18:25:20.791974-0700 | 192.168.1.1 | www.kinchan.net | 80 | GET | /cgi-bin/proxy.cgi | 404 |
SMB 0
| # | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree |
|---|---|---|---|---|---|---|---|
No results found.
SMTP 0
| # | Timestamp | Source | Destination | Email From | Email To | Subject |
|---|---|---|---|---|---|---|
No results found.
Flow 72
Showing 1-20 of 72 items.
| # | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 2006-10-04T18:25:20.810870-0700 | 565728243613648 | flow | 192.168.1.1 | 1113 | 210.153.70.38 | 80 | TCP | pcapanalyzer |
| 2 | 2006-10-04T18:25:20.810870-0700 | 1692594518115944 | flow | 192.168.1.1 | 1130 | 203.140.25.50 | 80 | TCP | pcapanalyzer |
| 3 | 2006-10-04T18:25:20.810870-0700 | 1415236267547568 | flow | 192.168.1.1 | 1126 | 203.140.25.50 | 80 | TCP | pcapanalyzer |
| 4 | 2006-10-04T18:25:20.810870-0700 | 1983142613271936 | flow | 192.168.1.1 | 1119 | 211.8.0.252 | 80 | TCP | pcapanalyzer |
| 5 | 2006-10-04T18:25:20.810870-0700 | 448278067484150 | flow | 192.168.1.1 | 1025 | 192.168.1.254 | 53 | UDP | pcapanalyzer |
| 6 | 2006-10-04T18:25:20.810870-0700 | 1014307512719507 | flow | 192.168.1.1 | 1106 | 203.140.25.50 | 80 | TCP | pcapanalyzer |
| 7 | 2006-10-04T18:25:20.810870-0700 | 1020052031687631 | flow | 192.168.1.1 | 1131 | 211.8.0.252 | 80 | TCP | pcapanalyzer |
| 8 | 2006-10-04T18:25:20.810870-0700 | 321857853018873 | flow | 192.168.1.1 | 1115 | 219.163.5.185 | 80 | TCP | pcapanalyzer |
| 9 | 2006-10-04T18:25:20.810870-0700 | 1168662195070082 | flow | 192.168.1.1 | 1111 | 210.153.70.38 | 80 | TCP | pcapanalyzer |
| 10 | 2006-10-04T18:25:20.810870-0700 | 746574284018328 | flow | 192.168.1.1 | 1114 | 219.163.5.185 | 80 | TCP | pcapanalyzer |
| 11 | 2006-10-04T18:25:20.810870-0700 | 1314579414052090 | flow | 192.168.1.1 | 1122 | 211.8.0.252 | 80 | TCP | pcapanalyzer |
| 12 | 2006-10-04T18:25:20.810870-0700 | 338565275903438 | flow | 192.168.1.1 | 1121 | 211.8.0.252 | 80 | TCP | pcapanalyzer |
| 13 | 2006-10-04T18:25:20.810870-0700 | 1896330586495422 | flow | 192.168.1.1 | 1104 | 61.121.100.107 | 80 | TCP | pcapanalyzer |
| 14 | 2006-10-04T18:25:20.810870-0700 | 1194554405421118 | flow | 192.168.1.1 | 1124 | 202.189.151.5 | 80 | TCP | pcapanalyzer |
| 15 | 2006-10-04T18:25:20.810870-0700 | 210081329206238 | flow | 192.168.1.1 | 1132 | 211.8.0.252 | 80 | TCP | pcapanalyzer |
| 16 | 2006-10-04T18:25:20.810870-0700 | 784926194543591 | flow | 192.168.1.1 | 1128 | 203.140.25.50 | 80 | TCP | pcapanalyzer |
| 17 | 2006-10-04T18:25:20.810870-0700 | 2052096165668086 | flow | 192.168.1.1 | 1112 | 210.153.70.38 | 80 | TCP | pcapanalyzer |
| 18 | 2006-10-04T18:25:20.810870-0700 | 795755954425558 | flow | 192.168.1.1 | 1110 | 202.189.151.5 | 80 | TCP | pcapanalyzer |
| 19 | 2006-10-04T18:25:20.810870-0700 | 377741819774679 | flow | 192.168.1.1 | 1103 | 61.121.100.107 | 80 | TCP | pcapanalyzer |
| 20 | 2006-10-04T18:25:20.810870-0700 | 2210146667262733 | flow | 192.168.1.1 | 1123 | 202.189.151.5 | 80 | TCP | pcapanalyzer |
File 68
Showing 1-20 of 68 items.
| # | Timestamp | Source | Destination | File Name | File Magic | File Size |
|---|---|---|---|---|---|---|
| 1 | 2006-10-04T18:25:14.662404-0700 | 207.46.18.94 | 192.168.1.1 | / | HTML document, ASCII text | 3985 |
| 2 | 2006-10-04T18:25:20.810870-0700 | 210.153.70.38 | 192.168.1.1 | /little_w/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 3 | 2006-10-04T18:25:20.810870-0700 | 211.8.0.252 | 192.168.1.1 | /tomocrus/cgi-bin/check/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 4 | 2006-10-04T18:25:20.810870-0700 | 211.8.0.252 | 192.168.1.1 | /tomocrus/cgi-bin/check/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 5 | 2006-10-04T18:25:20.810870-0700 | 203.140.25.50 | 192.168.1.1 | /x/maxwell/cgi-bin/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 6 | 2006-10-04T18:25:20.810870-0700 | 219.163.5.185 | 192.168.1.1 | /prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 7 | 2006-10-04T18:25:20.810870-0700 | 219.163.5.185 | 192.168.1.1 | /prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 8 | 2006-10-04T18:25:20.810870-0700 | 203.140.25.50 | 192.168.1.1 | /x/maxwell/cgi-bin/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 9 | 2006-10-04T18:25:20.810870-0700 | 203.140.25.50 | 192.168.1.1 | /x/maxwell/cgi-bin/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 10 | 2006-10-04T18:25:20.810870-0700 | 210.153.70.38 | 192.168.1.1 | /little_w/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 11 | 2006-10-04T18:25:20.810870-0700 | 211.8.0.252 | 192.168.1.1 | /tomocrus/cgi-bin/check/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 12 | 2006-10-04T18:25:20.810870-0700 | 61.121.100.107 | 192.168.1.1 | /mute/c/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 13 | 2006-10-04T18:25:20.810870-0700 | 211.8.0.252 | 192.168.1.1 | /tomocrus/cgi-bin/check/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 14 | 2006-10-04T18:25:20.810870-0700 | 211.8.0.252 | 192.168.1.1 | /tomocrus/cgi-bin/check/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 15 | 2006-10-04T18:25:20.810870-0700 | 202.189.151.5 | 192.168.1.1 | /cgi-bin/proxy.cgi | XML 1.0 document, ASCII text | 1117 |
| 16 | 2006-10-04T18:25:20.810870-0700 | 203.140.25.50 | 192.168.1.1 | /x/maxwell/cgi-bin/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 17 | 2006-10-04T18:25:20.810870-0700 | 202.189.151.5 | 192.168.1.1 | /cgi-bin/proxy.cgi | XML 1.0 document, ASCII text | 1117 |
| 18 | 2006-10-04T18:25:20.810870-0700 | 61.121.100.107 | 192.168.1.1 | /mute/c/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 19 | 2006-10-04T18:25:20.810870-0700 | 210.153.70.38 | 192.168.1.1 | /little_w/prxjdg.cgi | XML 1.0 document, ASCII text | 1117 |
| 20 | 2006-10-04T18:25:20.810870-0700 | 202.189.151.5 | 192.168.1.1 | /cgi-bin/proxy.cgi | XML 1.0 document, ASCII text | 1117 |

Comments: (not set)
