| META |
| SID | CID | TimeStamp | Signature | Sig ID |
| 6 | 6594752 | 2007-07-05 12:13:49 | | |

| Sensor Hostname | Sensor Interface |
| monitor-dmzo.isec.auckland.ac.nz | dmz sensor |

| IP |
| Source Address | Dest Address | Ver | Hdr Len | TOS | length | ID | flags | offset | TTL | chksum |
| 202.174.113.25 | 130.216.191.182 | 4 | 5 | 0 | 877 | 1995 | 2 | 0 | 58 | 46953 |

| Resolved Source | Resolved Dest |
| ns1.avatar.gen.nz | gate.ec.auckland.ac.nz |

| TCP |
| Source Port | Dest Port | Seq | Ack | Offset | Reserved | Flags | Window | Checksum | Urgent Ptr |
| 80 | 42379 | 3358601296 | 1152137099 | 8 | 0 | 24 | 6432 | 19653 | 0 |

| Flags |
| RB 1 | RB 0 | URG | ACK | PSH | RST | SYN | FIN |
| | | | X | X | | | |

| DATA |
|
HTTP/1.1 200 OK
Date: Thu, 05 Jul 2007 00:09:57 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs