Alert Table for aws_capture0.pcap

Relative Time Packet Source Source Port Destination Dest Port Category Rule Set Signature Severity
36.0 9 66.240.205.34 18081 10.0.0.84 2404 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 74 2
410.0 79 52.73.169.169 53904 10.0.0.84 53 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 61 2
463.0 85 139.162.110.42 56059 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
471.0 89 89.248.172.16 23320 10.0.0.84 5986 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 92 2
522.0 106 153.36.232.139 21643 10.0.0.84 22 Generic Protocol Command Decode SURICATA STREAM reassembly overlap with different data 3
522.0 107 10.0.0.84 22 153.36.232.139 21643 Generic Protocol Command Decode SURICATA Applayer Detect protocol only one direction 3
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3541.0 527 77.247.110.186 25404 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3585.0 531 104.140.188.58 56606 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
3944.0 578 71.6.232.6 54512 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
4620.0 722 111.6.78.157 58591 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
6404.0 1001 104.140.188.2 63733 10.0.0.84 1433 Potentially Bad Traffic ET SCAN Suspicious inbound to MSSQL port 1433 2
7170.0 1100 71.6.147.254 29011 10.0.0.84 25105 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 77 2