Target Server Attack Report

Specific Destination
Start Time:
Nov 4, 2014 04:00:00 PM GMT+07:00
End Time:
Nov 4, 2014 05:10:00 PM GMT+07:00
Action Type:
All
Severity:
All
Other:
All search criteria are in summary page
Description:
No.
Filter Name
0164: ICMP: Echo Request (Ping)
10.10.60.12
172.16.11.8
Low
7,742
10.10.90.12
172.16.11.8
Low
6,048
10.10.30.14
172.16.11.8
Low
5,671
10.10.10.11
172.16.11.8
Low
3,999
10.10.90.11
172.16.11.8
Low
3,934
10.10.40.13
172.16.11.8
Low
1,290
10.10.100.14
172.16.11.8
Low
806
10.10.20.11
172.16.11.8
Low
484
10.10.10.14
172.16.11.8
Low
248
10
10.10.100.12
172.16.11.8
Low
76
11
10.10.70.13
172.16.11.8
Low
70
12
10.10.30.15
172.16.11.8
Low
54
13
9220: PHP: Malicious Obfuscated PHP Program Access
10.10.70.14
172.16.11.8
Critical
54
Source IP Address
Dest IP Address
Severity
Hit Count
Page 1 of 6
No.
Filter Name
14
10.10.50.12
172.16.11.8
Low
54
15
10.10.30.16
172.16.11.8
Low
50
16
10.10.80.15
172.16.11.8
Low
46
17
4212: HTTP: PHP File Include Vulnerability
10.10.10.14
172.16.11.8
Critical
46
18
10.10.110.13
172.16.11.8
Critical
46
19
10.10.140.15
172.16.11.8
Critical
46
20
10.10.80.14
172.16.11.8
Critical
46
21
8479: HTTP: Suspicious HTTP Request
10.10.70.14
172.16.11.8
Critical
44
22
10.10.140.13
172.16.11.8
Low
41
23
10.10.30.12
172.16.11.8
Low
36
24
9220: PHP: Malicious Obfuscated PHP Program Access
10.10.70.12
172.16.11.8
Critical
36
25
2023: HTTP: Cross Site Scripting in GET Request
10.10.10.14
172.16.11.8
Major
34
26
10.10.140.15
172.16.11.8
Major
34
27
3886: HTTP: Cross Site Scripting in POST Request
10.10.10.14
172.16.11.8
Major
34
28
10.10.110.13
172.16.11.8
Major
34
29
10.10.140.15
172.16.11.8
Major
34
30
10.10.110.13
172.16.11.8
Major
34
31
10.10.80.14
172.16.11.8
Major
34
32
10.10.80.14
172.16.11.8
Major
34
33
8479: HTTP: Suspicious HTTP Request
10.10.70.12
172.16.11.8
Critical
32
34
10.10.70.11
172.16.11.8
Low
30
35
10.10.130.13
172.16.11.8
Low
26
36
10.10.140.15
172.16.11.8
Critical
20
37
12256: HTTP: Overlong URI in GET Request
10.10.110.13
172.16.11.8
Major
20
38
10.10.10.14
172.16.11.8
Critical
20
39
10.10.110.13
172.16.11.8
Critical
20
40
10.10.80.14
172.16.11.8
Critical
20
Source IP Address
Dest IP Address
Severity
Hit Count
Page 2 of 6
No.
Filter Name
41
10.10.10.14
172.16.11.8
Critical
20
42
10.10.110.13
172.16.11.8
Critical
20
43
10.10.80.14
172.16.11.8
Critical
20
44
10.10.140.15
172.16.11.8
Critical
20
45
10.10.10.14
172.16.11.8
Critical
18
46
10.10.80.14
172.16.11.8
Critical
18
47
10.10.110.13
172.16.11.8
Critical
18
48
10.10.140.11
172.16.11.8
Critical
18
49
12348: HTTP: PHP-CGI Query String Parameter Command

Injection Vulnerability
10.10.120.15
172.16.11.8
Low
18
50
10.10.140.15
172.16.11.8
Critical
18
51
1117: HTTP: IIS %252f Double Encoded / in URI
10.10.140.11
172.16.11.8
Critical
18
52
10.10.140.15
172.16.11.8
Critical
16
53
10.10.80.14
172.16.11.8
Critical
16
54
10.10.20.12
172.16.11.8
Major
16
55
12900: HTTP: Zend Technologies Zend Framework Information

Disclosure
5380: HTTP: Full-Width / Half-Width Unicode URI Evasion
10.10.140.11
172.16.11.8
Minor
16
56
10.10.10.14
172.16.11.8
Critical
16
57
10.10.140.15
172.16.11.8
Critical
16
58
10.10.110.13
172.16.11.8
Critical
16
59
10.10.80.14
172.16.11.8
Critical
16
60
10.10.10.14
172.16.11.8
Critical
16
61
10.10.110.13
172.16.11.8
Critical
16
62
10.10.10.14
172.16.11.8
Major
14
63
10.10.80.14
172.16.11.8
Critical
14
64
10.10.80.14
172.16.11.8
Critical
14
65
10.10.50.15
172.16.11.8
Low
14
66
10.10.140.15
172.16.11.8
Major
14
67
10.10.80.14
172.16.11.8
Major
14
Source IP Address
Dest IP Address
Severity
Hit Count
Page 3 of 6
No.
Filter Name
Source IP Address
Dest IP Address
Severity
Hit Count
68
3999: HTTP: Cross Site Scripting Attack in HTTP Header
10.10.140.11
172.16.11.8
Major
14
69
10.10.10.14
172.16.11.8
Critical
14
70
10.10.110.13
172.16.11.8
Critical
14
71
10.10.140.15
172.16.11.8
Critical
14
72
10.10.110.13
172.16.11.8
Critical
14
73
10.10.20.12
172.16.11.8
Major
14
74
10.10.110.13
172.16.11.8
Major
14
75
10.10.20.12
172.16.11.8
Major
14
76
10.10.140.15
172.16.11.8
Critical
14
77
10.10.10.14
172.16.11.8
Critical
14
78
1095: HTTP: IIS Extended Unicode Directory Traversal
10.10.140.11
172.16.11.8
Critical
14
79
10.10.70.14
172.16.11.8
Low
14
80
10.10.20.13
172.16.11.8
Low
14
81
3999: HTTP: Cross Site Scripting Attack in HTTP Header
10.10.20.12
172.16.11.8
Major
14
82
10.10.140.12
172.16.11.8
Low
14
83
10.10.40.11
172.16.11.8
Low
13
84
10.10.40.12
172.16.11.8
Low
12
85
10.10.140.15
172.16.11.8
Critical
12
86
10.10.110.13
172.16.11.8
Critical
12
87
10.10.10.14
172.16.11.8
Critical
12
88
10.10.80.14
172.16.11.8
Critical
12
89
10.10.80.14
172.16.11.8
Critical
10
90
10.10.130.16
172.16.11.8
Low
10
91
1109: HTTP: IIS %255c Double Encoded \ in URI
10.10.140.11
172.16.11.8
Critical
10
92
1117: HTTP: IIS %252f Double Encoded / in URI
10.10.20.12
172.16.11.8
Critical
10
93
12733: HTTP: Ruby on Rails YAML Injection Remote Code

Execution Vulnerability
10.10.70.14
172.16.11.8
Critical
10
10.10.10.12
172.16.11.8
Critical
10
94
Page 4 of 6
No.
Filter Name
Source IP Address
Dest IP Address
95
96
10.10.110.13
172.16.11.8
Low
10
10.10.20.12
172.16.11.8
Critical
10
97

10.10.110.13
172.16.11.8
Critical
10
98
1095: HTTP: IIS Extended Unicode Directory Traversal
10.10.20.12
172.16.11.8
Critical
10
99
1109: HTTP: IIS %255c Double Encoded \ in URI
10.10.20.12
172.16.11.8
Critical
10
100
10.10.10.14
172.16.11.8
Critical
10
Severity
Hit Count
Page 5 of 6
Detail Search Criteria

General Criteria
Filter Criteria
Start Time:
Nov 4, 2014 04:00:00 PM GMT+07:
End Time:
Run Time:
Action Type:
All
Nov 4, 2014 05:10:00 PM GMT+07:
Severity:
All
Nov 4, 2014 05:26:53 PM GMT+07:
Filter No(s):
All
Filter Name:
All
Filter Category:
All
Profile:
All
Network Criteria
Row Limit:
100
Src Addr(s):
0.0.0.0-255.255.255.255
Src Port(s):
All
Dst Addr(s):
172.16.11.8
Filter Taxonomy Criteria
Dst Port(s):
All
Protocol:
All
Src Country(s):
All
Platform:
All
Dst Country(s):
All
Classification:
All
VLAN:
All
Use Client IP for Source Address when Available:
true
Device / Segment Criteria

Device Group(s):
All
Device(s):
All
Segment Group(s):
All
Segment(s):
All
Page 6 of 6

Target Server Attack Report

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Target Server Attack Report

Caricato da

Copyright:

Formati disponibili

Specific Destination

Nov 4, 2014 04:00:00 PM GMT+07:00

Nov 4, 2014 05:10:00 PM GMT+07:00

All search criteria are in summary page

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

9220: PHP: Malicious Obfuscated PHP Program Access

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

4212: HTTP: PHP File Include Vulnerability

4212: HTTP: PHP File Include Vulnerability

4212: HTTP: PHP File Include Vulnerability

4212: HTTP: PHP File Include Vulnerability

8479: HTTP: Suspicious HTTP Request

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

9220: PHP: Malicious Obfuscated PHP Program Access

2023: HTTP: Cross Site Scripting in GET Request

2023: HTTP: Cross Site Scripting in GET Request

3886: HTTP: Cross Site Scripting in POST Request

3886: HTTP: Cross Site Scripting in POST Request

3886: HTTP: Cross Site Scripting in POST Request

2023: HTTP: Cross Site Scripting in GET Request

2023: HTTP: Cross Site Scripting in GET Request

3886: HTTP: Cross Site Scripting in POST Request

8479: HTTP: Suspicious HTTP Request

0164: ICMP: Echo Request (Ping)

0164: ICMP: Echo Request (Ping)

5877: HTTP: PHP File Include Vulnerability

12256: HTTP: Overlong URI in GET Request

6088: HTTP: PHP File Include Vulnerability

5877: HTTP: PHP File Include Vulnerability

6088: HTTP: PHP File Include Vulnerability

5877: HTTP: PHP File Include Vulnerability

6088: HTTP: PHP File Include Vulnerability

5877: HTTP: PHP File Include Vulnerability

6088: HTTP: PHP File Include Vulnerability

3601: HTTP: PHP File Include Vulnerability

3601: HTTP: PHP File Include Vulnerability

3601: HTTP: PHP File Include Vulnerability

12348: HTTP: PHP-CGI Query String Parameter Command

3601: HTTP: PHP File Include Vulnerability

1117: HTTP: IIS %252f Double Encoded / in URI

4611: HTTP: PHP File Include Vulnerability

4611: HTTP: PHP File Include Vulnerability

12900: HTTP: Zend Technologies Zend Framework Information

5898: HTTP: PHP File Include Vulnerability

5898: HTTP: PHP File Include Vulnerability

5898: HTTP: PHP File Include Vulnerability

5898: HTTP: PHP File Include Vulnerability

4611: HTTP: PHP File Include Vulnerability

4611: HTTP: PHP File Include Vulnerability

8530: HTTP: PHP File Include Vulnerability