192.168.1.109
|
2.3 |
VIEW 2 |
- 67.149.121.39 (D149-67-39-121.Clv.Wideopenwest.Com), Country: United States (Us), City: Elgin, Il.
|
- 1:22000032 {tcp} Inbound Attack: BLEEDING-EDGE EXPLOIT LSA exploit; 445<-64949
- 1:22000046 {tcp} Inbound Attack: BLEEDING-EDGE EXPLOIT MS04011 Lsasrv.dll RPC exploit (Win2k); 445<-64949
- 1:22466 {tcp} Inbound Attack: NETBIOS SMB-DS IPC$ unicode share access; 445<-64949
- 1:292000032 (2) {tcp} Inbound Attack: BotHunter EXPLOIT LSA exploit; 445<-64949
- 1:299906 (5) {tcp} Inbound Attack: SHELLCODE x86 0x90 unicode NOOP; 445<-64949
- 1:5001684 {tcp} Egg Download: BotHunter Malware Windows executable (PE) sent from remote host; 1028<-1643
- 1:2002029 {tcp} C&C Communication: ET TROJAN BOT - channel topic scan/exploit command; 1032<-12351
- 777:7777005 {tcp} Outbound Scan: Detected moderate malware port scanning of 9 IPs (9 /24s) (# pkts S/M/O/I=0/8/5/0): 64949:1, 445:7
|