[Silicon Defense logo]

SnortSnarf start page

All Snort signatures

SnortSnarf v021111.1

Signature section (153)Top 20 source IPsTop 20 dest IPs

153 alerts found using input module SnortFileInput, with sources: Earliest alert at 08:24:13.826429 on 08/07/2017
Latest alert at 15:41:18.393994 on 07/16/2018

PrioritySignature (click for sig info)# Alerts# Sources# DestsDetail link
2SERVER-WEBAPP JBoss web console access attempt [sid] [CVE]111Summary
1SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt [sid] [CVE]111Summary
1SQL 1 = 1 - possible sql injection attempt [ferruh.mavituna.com] [sid]111Summary
1SQL 1 = 0 - possible sql injection attempt [ferruh.mavituna.com] [sid]111Summary
1SQL url ending in comment characters - possible sql injection attempt [sid] [CVE]111Summary
1SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt [seclists.org] [sid]221Summary
1MALWARE-CNC User-Agent known malicious user agent BOT/0.1 [www.joomlacontenteditor.net] [sid]211Summary
1SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt [sid] [CVE]321Summary
1OS-OTHER Bash CGI environment variable injection attempt [sid] [CVE]1181Summary
1SERVER-APACHE Apache Struts remote code execution attempt [sid] [CVE]31101Summary
1SERVER-ORACLE Oracle WebLogic Server remote command execution attempt [sid] [BUGTRAQ]91851Summary
0ICMP traffic [sid]822Summary

SnortSnarf brought to you courtesy of Silicon Defense
Authors: Jim Hoagland and Stuart Staniford
See also the Snort Page by Marty Roesch
Page generated at Wed Jul 18 17:01:01 2018