Suricata Alerts

| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | GID | SID | REV | Signature | Category | Severity |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020-07-16 20:19:36.749 | 192.168.68.21 | 36237 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:41.754 | 192.168.68.1 | 53 | 192.168.68.21 | 35116 | UDP | 1 | 2200073 | 2 | SURICATA IPv4 invalid checksum | Generic Protocol Command Decode | 3 |
| 2020-07-16 20:19:47.074 | 192.168.68.1 | 53 | 192.168.68.21 | 56770 | UDP | 1 | 2200073 | 2 | SURICATA IPv4 invalid checksum | Generic Protocol Command Decode | 3 |
| 2020-07-16 20:19:53.401 | 192.168.68.21 | 44241 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.429 | 192.168.68.21 | 46587 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.441 | 192.168.68.21 | 33135 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.449 | 192.168.68.21 | 38149 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.466 | 192.168.68.21 | 46433 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.475 | 192.168.68.21 | 39387 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.481 | 192.168.68.21 | 34077 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.491 | 192.168.68.21 | 46435 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.498 | 192.168.68.21 | 40101 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.505 | 192.168.68.21 | 42555 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.512 | 192.168.68.21 | 38739 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.518 | 192.168.68.21 | 36993 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.525 | 192.168.68.21 | 39577 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.547 | 192.168.68.21 | 33901 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.563 | 192.168.68.21 | 45101 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.568 | 192.168.68.21 | 40697 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.780 | 192.168.68.21 | 38117 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.784 | 192.168.68.21 | 43975 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.788 | 192.168.68.21 | 36559 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.792 | 192.168.68.21 | 34351 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.796 | 192.168.68.21 | 33417 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.801 | 192.168.68.21 | 40489 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.805 | 192.168.68.21 | 46199 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.809 | 192.168.68.21 | 46135 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.813 | 192.168.68.21 | 46323 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.817 | 192.168.68.21 | 35289 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.822 | 192.168.68.21 | 41021 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.826 | 192.168.68.21 | 44903 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.841 | 192.168.68.21 | 35541 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.845 | 192.168.68.21 | 42777 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.848 | 192.168.68.21 | 46503 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.852 | 192.168.68.21 | 41937 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.857 | 192.168.68.21 | 44311 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.860 | 192.168.68.21 | 40863 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.864 | 192.168.68.21 | 33911 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.868 | 192.168.68.21 | 41723 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.871 | 192.168.68.21 | 35207 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.874 | 192.168.68.21 | 38513 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.878 | 192.168.68.21 | 44215 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.882 | 192.168.68.21 | 34699 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.885 | 192.168.68.21 | 39383 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.889 | 192.168.68.21 | 42745 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.893 | 192.168.68.21 | 40121 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.896 | 192.168.68.21 | 38157 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.900 | 192.168.68.21 | 40465 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.903 | 192.168.68.21 | 34959 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.906 | 192.168.68.21 | 43669 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.910 | 192.168.68.21 | 33663 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.916 | 192.168.68.21 | 40583 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.922 | 192.168.68.21 | 33891 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.927 | 192.168.68.21 | 34609 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.930 | 192.168.68.21 | 42063 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.933 | 192.168.68.21 | 36273 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.937 | 192.168.68.21 | 39061 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.984 | 192.168.68.21 | 43711 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.986 | 192.168.68.21 | 40899 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |
| 2020-07-16 20:19:53.989 | 192.168.68.21 | 44685 | 192.168.68.1 | 80 | TCP | 1 | 2024107 | 3 | ET WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) | Attempted User Privilege Gain | 1 |