Sie sind auf Seite 1von 6

Specific Destination

Start Time:

Nov 4, 2014 04:00:00 PM GMT+07:00

End Time:

Nov 4, 2014 05:10:00 PM GMT+07:00

Action Type:

All

Severity:

All

Other:

All search criteria are in summary page

Description:

No.

Filter Name

0164: ICMP: Echo Request (Ping)

10.10.60.12

172.16.11.8

Low

7,742

0164: ICMP: Echo Request (Ping)

10.10.90.12

172.16.11.8

Low

6,048

0164: ICMP: Echo Request (Ping)

10.10.30.14

172.16.11.8

Low

5,671

0164: ICMP: Echo Request (Ping)

10.10.10.11

172.16.11.8

Low

3,999

0164: ICMP: Echo Request (Ping)

10.10.90.11

172.16.11.8

Low

3,934

0164: ICMP: Echo Request (Ping)

10.10.40.13

172.16.11.8

Low

1,290

0164: ICMP: Echo Request (Ping)

10.10.100.14

172.16.11.8

Low

806

0164: ICMP: Echo Request (Ping)

10.10.20.11

172.16.11.8

Low

484

0164: ICMP: Echo Request (Ping)

10.10.10.14

172.16.11.8

Low

248

10

0164: ICMP: Echo Request (Ping)

10.10.100.12

172.16.11.8

Low

76

11

0164: ICMP: Echo Request (Ping)

10.10.70.13

172.16.11.8

Low

70

12

0164: ICMP: Echo Request (Ping)

10.10.30.15

172.16.11.8

Low

54

13

9220: PHP: Malicious Obfuscated PHP Program Access

10.10.70.14

172.16.11.8

Critical

54

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 1 of 6

No.

Filter Name

14

0164: ICMP: Echo Request (Ping)

10.10.50.12

172.16.11.8

Low

54

15

0164: ICMP: Echo Request (Ping)

10.10.30.16

172.16.11.8

Low

50

16

0164: ICMP: Echo Request (Ping)

10.10.80.15

172.16.11.8

Low

46

17

4212: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

46

18

4212: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

46

19

4212: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

46

20

4212: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

46

21

8479: HTTP: Suspicious HTTP Request

10.10.70.14

172.16.11.8

Critical

44

22

0164: ICMP: Echo Request (Ping)

10.10.140.13

172.16.11.8

Low

41

23

0164: ICMP: Echo Request (Ping)

10.10.30.12

172.16.11.8

Low

36

24

9220: PHP: Malicious Obfuscated PHP Program Access

10.10.70.12

172.16.11.8

Critical

36

25

2023: HTTP: Cross Site Scripting in GET Request

10.10.10.14

172.16.11.8

Major

34

26

2023: HTTP: Cross Site Scripting in GET Request

10.10.140.15

172.16.11.8

Major

34

27

3886: HTTP: Cross Site Scripting in POST Request

10.10.10.14

172.16.11.8

Major

34

28

3886: HTTP: Cross Site Scripting in POST Request

10.10.110.13

172.16.11.8

Major

34

29

3886: HTTP: Cross Site Scripting in POST Request

10.10.140.15

172.16.11.8

Major

34

30

2023: HTTP: Cross Site Scripting in GET Request

10.10.110.13

172.16.11.8

Major

34

31

2023: HTTP: Cross Site Scripting in GET Request

10.10.80.14

172.16.11.8

Major

34

32

3886: HTTP: Cross Site Scripting in POST Request

10.10.80.14

172.16.11.8

Major

34

33

8479: HTTP: Suspicious HTTP Request

10.10.70.12

172.16.11.8

Critical

32

34

0164: ICMP: Echo Request (Ping)

10.10.70.11

172.16.11.8

Low

30

35

0164: ICMP: Echo Request (Ping)

10.10.130.13

172.16.11.8

Low

26

36

5877: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

20

37

12256: HTTP: Overlong URI in GET Request

10.10.110.13

172.16.11.8

Major

20

38

6088: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

20

39

5877: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

20

40

6088: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

20

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 2 of 6

No.

Filter Name

41

5877: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

20

42

6088: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

20

43

5877: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

20

44

6088: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

20

45

3601: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

18

46

3601: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

18

47

3601: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

18

48

10.10.140.11

172.16.11.8

Critical

18

49

12348: HTTP: PHP-CGI Query String Parameter Command


Injection Vulnerability
0164: ICMP: Echo Request (Ping)

10.10.120.15

172.16.11.8

Low

18

50

3601: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

18

51

1117: HTTP: IIS %252f Double Encoded / in URI

10.10.140.11

172.16.11.8

Critical

18

52

4611: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

16

53

4611: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

16

54

10.10.20.12

172.16.11.8

Major

16

55

12900: HTTP: Zend Technologies Zend Framework Information


Disclosure
5380: HTTP: Full-Width / Half-Width Unicode URI Evasion

10.10.140.11

172.16.11.8

Minor

16

56

5898: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

16

57

5898: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

16

58

5898: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

16

59

5898: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

16

60

4611: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

16

61

4611: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

16

62

8530: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Major

14

63

6007: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

14

64

4375: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

14

65

0164: ICMP: Echo Request (Ping)

10.10.50.15

172.16.11.8

Low

14

66

8530: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Major

14

67

8530: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Major

14

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 3 of 6

No.

Filter Name

Source IP Address

Dest IP Address

Severity

Hit Count

68

3999: HTTP: Cross Site Scripting Attack in HTTP Header

10.10.140.11

172.16.11.8

Major

14

69

4375: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

14

70

4375: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

14

71

6007: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

14

72

6007: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

14

73

3886: HTTP: Cross Site Scripting in POST Request

10.10.20.12

172.16.11.8

Major

14

74

8530: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Major

14

75

2023: HTTP: Cross Site Scripting in GET Request

10.10.20.12

172.16.11.8

Major

14

76

4375: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

14

77

6007: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

14

78

1095: HTTP: IIS Extended Unicode Directory Traversal

10.10.140.11

172.16.11.8

Critical

14

79

0164: ICMP: Echo Request (Ping)

10.10.70.14

172.16.11.8

Low

14

80

0164: ICMP: Echo Request (Ping)

10.10.20.13

172.16.11.8

Low

14

81

3999: HTTP: Cross Site Scripting Attack in HTTP Header

10.10.20.12

172.16.11.8

Major

14

82

0164: ICMP: Echo Request (Ping)

10.10.140.12

172.16.11.8

Low

14

83

0164: ICMP: Echo Request (Ping)

10.10.40.11

172.16.11.8

Low

13

84

0164: ICMP: Echo Request (Ping)

10.10.40.12

172.16.11.8

Low

12

85

4778: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

12

86

4778: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

12

87

4778: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

12

88

4778: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

12

89

4417: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

10

90

0164: ICMP: Echo Request (Ping)

10.10.130.16

172.16.11.8

Low

10

91

1109: HTTP: IIS %255c Double Encoded \ in URI

10.10.140.11

172.16.11.8

Critical

10

92

1117: HTTP: IIS %252f Double Encoded / in URI

10.10.20.12

172.16.11.8

Critical

10

93

12733: HTTP: Ruby on Rails YAML Injection Remote Code


Execution Vulnerability
12348: HTTP: PHP-CGI Query String Parameter Command
Injection Vulnerability

10.10.70.14

172.16.11.8

Critical

10

10.10.10.12

172.16.11.8

Critical

10

94

Specific Destination

Page 4 of 6

No.

Filter Name

Source IP Address

Dest IP Address

95
96

0164: ICMP: Echo Request (Ping)

10.10.110.13

172.16.11.8

Low

10

10.10.20.12

172.16.11.8

Critical

10

97

12348: HTTP: PHP-CGI Query String Parameter Command


Injection Vulnerability
4417: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

10

98

1095: HTTP: IIS Extended Unicode Directory Traversal

10.10.20.12

172.16.11.8

Critical

10

99

1109: HTTP: IIS %255c Double Encoded \ in URI

10.10.20.12

172.16.11.8

Critical

10

100

4417: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

10

Specific Destination

Severity

Hit Count

Page 5 of 6

Detail Search Criteria


General Criteria

Filter Criteria

Start Time:

Nov 4, 2014 04:00:00 PM GMT+07:

End Time:
Run Time:

Action Type:

All

Nov 4, 2014 05:10:00 PM GMT+07:

Severity:

All

Nov 4, 2014 05:26:53 PM GMT+07:

Filter No(s):

All

Filter Name:

All

Filter Category:

All

Profile:

All

Network Criteria

Row Limit:

100

Src Addr(s):

0.0.0.0-255.255.255.255

Src Port(s):

All

Dst Addr(s):

172.16.11.8

Filter Taxonomy Criteria

Dst Port(s):

All

Protocol:

All

Src Country(s):

All

Platform:

All

Dst Country(s):

All

Classification:

All

VLAN:

All

Use Client IP for Source Address when Available:

true

Device / Segment Criteria


Device Group(s):

All

Device(s):

All

Segment Group(s):

All

Segment(s):

All

Specific Destination

Page 6 of 6