0% found this document useful (0 votes)
259 views6 pages

Target Server Attack Report

The document lists traffic data between source and destination IP addresses over a specific time period. There were 100 entries listed with details like filter name, source/destination IP addresses, severity level, and hit count. The list showed many entries related to vulnerabilities in PHP files.

Uploaded by

ujang.pantry
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
259 views6 pages

Target Server Attack Report

The document lists traffic data between source and destination IP addresses over a specific time period. There were 100 entries listed with details like filter name, source/destination IP addresses, severity level, and hit count. The list showed many entries related to vulnerabilities in PHP files.

Uploaded by

ujang.pantry
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Specific Destination

Start Time:

Nov 4, 2014 04:00:00 PM GMT+07:00

End Time:

Nov 4, 2014 05:10:00 PM GMT+07:00

Action Type:

All

Severity:

All

Other:

All search criteria are in summary page

Description:

No.

Filter Name

0164: ICMP: Echo Request (Ping)

10.10.60.12

172.16.11.8

Low

7,742

0164: ICMP: Echo Request (Ping)

10.10.90.12

172.16.11.8

Low

6,048

0164: ICMP: Echo Request (Ping)

10.10.30.14

172.16.11.8

Low

5,671

0164: ICMP: Echo Request (Ping)

10.10.10.11

172.16.11.8

Low

3,999

0164: ICMP: Echo Request (Ping)

10.10.90.11

172.16.11.8

Low

3,934

0164: ICMP: Echo Request (Ping)

10.10.40.13

172.16.11.8

Low

1,290

0164: ICMP: Echo Request (Ping)

10.10.100.14

172.16.11.8

Low

806

0164: ICMP: Echo Request (Ping)

10.10.20.11

172.16.11.8

Low

484

0164: ICMP: Echo Request (Ping)

10.10.10.14

172.16.11.8

Low

248

10

0164: ICMP: Echo Request (Ping)

10.10.100.12

172.16.11.8

Low

76

11

0164: ICMP: Echo Request (Ping)

10.10.70.13

172.16.11.8

Low

70

12

0164: ICMP: Echo Request (Ping)

10.10.30.15

172.16.11.8

Low

54

13

9220: PHP: Malicious Obfuscated PHP Program Access

10.10.70.14

172.16.11.8

Critical

54

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 1 of 6

No.

Filter Name

14

0164: ICMP: Echo Request (Ping)

10.10.50.12

172.16.11.8

Low

54

15

0164: ICMP: Echo Request (Ping)

10.10.30.16

172.16.11.8

Low

50

16

0164: ICMP: Echo Request (Ping)

10.10.80.15

172.16.11.8

Low

46

17

4212: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

46

18

4212: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

46

19

4212: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

46

20

4212: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

46

21

8479: HTTP: Suspicious HTTP Request

10.10.70.14

172.16.11.8

Critical

44

22

0164: ICMP: Echo Request (Ping)

10.10.140.13

172.16.11.8

Low

41

23

0164: ICMP: Echo Request (Ping)

10.10.30.12

172.16.11.8

Low

36

24

9220: PHP: Malicious Obfuscated PHP Program Access

10.10.70.12

172.16.11.8

Critical

36

25

2023: HTTP: Cross Site Scripting in GET Request

10.10.10.14

172.16.11.8

Major

34

26

2023: HTTP: Cross Site Scripting in GET Request

10.10.140.15

172.16.11.8

Major

34

27

3886: HTTP: Cross Site Scripting in POST Request

10.10.10.14

172.16.11.8

Major

34

28

3886: HTTP: Cross Site Scripting in POST Request

10.10.110.13

172.16.11.8

Major

34

29

3886: HTTP: Cross Site Scripting in POST Request

10.10.140.15

172.16.11.8

Major

34

30

2023: HTTP: Cross Site Scripting in GET Request

10.10.110.13

172.16.11.8

Major

34

31

2023: HTTP: Cross Site Scripting in GET Request

10.10.80.14

172.16.11.8

Major

34

32

3886: HTTP: Cross Site Scripting in POST Request

10.10.80.14

172.16.11.8

Major

34

33

8479: HTTP: Suspicious HTTP Request

10.10.70.12

172.16.11.8

Critical

32

34

0164: ICMP: Echo Request (Ping)

10.10.70.11

172.16.11.8

Low

30

35

0164: ICMP: Echo Request (Ping)

10.10.130.13

172.16.11.8

Low

26

36

5877: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

20

37

12256: HTTP: Overlong URI in GET Request

10.10.110.13

172.16.11.8

Major

20

38

6088: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

20

39

5877: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

20

40

6088: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

20

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 2 of 6

No.

Filter Name

41

5877: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

20

42

6088: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

20

43

5877: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

20

44

6088: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

20

45

3601: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

18

46

3601: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

18

47

3601: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

18

48

10.10.140.11

172.16.11.8

Critical

18

49

12348: HTTP: PHP-CGI Query String Parameter Command


Injection Vulnerability
0164: ICMP: Echo Request (Ping)

10.10.120.15

172.16.11.8

Low

18

50

3601: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

18

51

1117: HTTP: IIS %252f Double Encoded / in URI

10.10.140.11

172.16.11.8

Critical

18

52

4611: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

16

53

4611: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

16

54

10.10.20.12

172.16.11.8

Major

16

55

12900: HTTP: Zend Technologies Zend Framework Information


Disclosure
5380: HTTP: Full-Width / Half-Width Unicode URI Evasion

10.10.140.11

172.16.11.8

Minor

16

56

5898: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

16

57

5898: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

16

58

5898: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

16

59

5898: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

16

60

4611: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

16

61

4611: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

16

62

8530: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Major

14

63

6007: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

14

64

4375: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

14

65

0164: ICMP: Echo Request (Ping)

10.10.50.15

172.16.11.8

Low

14

66

8530: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Major

14

67

8530: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Major

14

Specific Destination

Source IP Address

Dest IP Address

Severity

Hit Count

Page 3 of 6

No.

Filter Name

Source IP Address

Dest IP Address

Severity

Hit Count

68

3999: HTTP: Cross Site Scripting Attack in HTTP Header

10.10.140.11

172.16.11.8

Major

14

69

4375: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

14

70

4375: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

14

71

6007: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

14

72

6007: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

14

73

3886: HTTP: Cross Site Scripting in POST Request

10.10.20.12

172.16.11.8

Major

14

74

8530: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Major

14

75

2023: HTTP: Cross Site Scripting in GET Request

10.10.20.12

172.16.11.8

Major

14

76

4375: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

14

77

6007: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

14

78

1095: HTTP: IIS Extended Unicode Directory Traversal

10.10.140.11

172.16.11.8

Critical

14

79

0164: ICMP: Echo Request (Ping)

10.10.70.14

172.16.11.8

Low

14

80

0164: ICMP: Echo Request (Ping)

10.10.20.13

172.16.11.8

Low

14

81

3999: HTTP: Cross Site Scripting Attack in HTTP Header

10.10.20.12

172.16.11.8

Major

14

82

0164: ICMP: Echo Request (Ping)

10.10.140.12

172.16.11.8

Low

14

83

0164: ICMP: Echo Request (Ping)

10.10.40.11

172.16.11.8

Low

13

84

0164: ICMP: Echo Request (Ping)

10.10.40.12

172.16.11.8

Low

12

85

4778: HTTP: PHP File Include Vulnerability

10.10.140.15

172.16.11.8

Critical

12

86

4778: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

12

87

4778: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

12

88

4778: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

12

89

4417: HTTP: PHP File Include Vulnerability

10.10.80.14

172.16.11.8

Critical

10

90

0164: ICMP: Echo Request (Ping)

10.10.130.16

172.16.11.8

Low

10

91

1109: HTTP: IIS %255c Double Encoded \ in URI

10.10.140.11

172.16.11.8

Critical

10

92

1117: HTTP: IIS %252f Double Encoded / in URI

10.10.20.12

172.16.11.8

Critical

10

93

12733: HTTP: Ruby on Rails YAML Injection Remote Code


Execution Vulnerability
12348: HTTP: PHP-CGI Query String Parameter Command
Injection Vulnerability

10.10.70.14

172.16.11.8

Critical

10

10.10.10.12

172.16.11.8

Critical

10

94

Specific Destination

Page 4 of 6

No.

Filter Name

Source IP Address

Dest IP Address

95
96

0164: ICMP: Echo Request (Ping)

10.10.110.13

172.16.11.8

Low

10

10.10.20.12

172.16.11.8

Critical

10

97

12348: HTTP: PHP-CGI Query String Parameter Command


Injection Vulnerability
4417: HTTP: PHP File Include Vulnerability

10.10.110.13

172.16.11.8

Critical

10

98

1095: HTTP: IIS Extended Unicode Directory Traversal

10.10.20.12

172.16.11.8

Critical

10

99

1109: HTTP: IIS %255c Double Encoded \ in URI

10.10.20.12

172.16.11.8

Critical

10

100

4417: HTTP: PHP File Include Vulnerability

10.10.10.14

172.16.11.8

Critical

10

Specific Destination

Severity

Hit Count

Page 5 of 6

Detail Search Criteria


General Criteria

Filter Criteria

Start Time:

Nov 4, 2014 04:00:00 PM GMT+07:

End Time:
Run Time:

Action Type:

All

Nov 4, 2014 05:10:00 PM GMT+07:

Severity:

All

Nov 4, 2014 05:26:53 PM GMT+07:

Filter No(s):

All

Filter Name:

All

Filter Category:

All

Profile:

All

Network Criteria

Row Limit:

100

Src Addr(s):

0.0.0.0-255.255.255.255

Src Port(s):

All

Dst Addr(s):

172.16.11.8

Filter Taxonomy Criteria

Dst Port(s):

All

Protocol:

All

Src Country(s):

All

Platform:

All

Dst Country(s):

All

Classification:

All

VLAN:

All

Use Client IP for Source Address when Available:

true

Device / Segment Criteria


Device Group(s):

All

Device(s):

All

Segment Group(s):

All

Segment(s):

All

Specific Destination

Page 6 of 6

You might also like