Alert Table for aws_capture0.pcap

Relative Time Packet Source Source Port Destination Dest Port Category Rule Set Signature Severity
36.0 9 66.240.205.34 18081 10.0.0.84 2404 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 60 2
233.0 48 80.82.70.118 60000 10.0.0.84 23 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 70 2
373.0 73 80.82.65.105 55609 10.0.0.84 465 Misc Attack ET DROP Dshield Block Listed Source group 1 2
410.0 79 52.73.169.169 53904 10.0.0.84 53 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 38 2
463.0 85 139.162.110.42 56059 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
471.0 89 89.248.172.16 23320 10.0.0.84 5986 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 80 2
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
1497.0 255 89.248.174.3 55510 10.0.0.84 82 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 80 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
2101.0 315 92.53.65.52 57807 10.0.0.84 3631 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 83 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3358.0 499 51.75.52.127 26200 10.0.0.84 4524 Misc Attack ET DROP Dshield Block Listed Source group 1 2
3358.0 499 51.75.52.127 26200 10.0.0.84 4524 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 38 2
3541.0 527 77.247.110.186 25404 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3580.0 529 89.248.168.51 44143 10.0.0.84 2087 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 80 2
3585.0 531 104.140.188.58 56606 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
3585.0 531 104.140.188.58 56606 10.0.0.84 161 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 97 2
3944.0 578 71.6.232.6 54512 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
3972.0 589 104.140.188.46 59194 10.0.0.84 5060 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 97 2
4441.0 698 83.97.20.36 59249 10.0.0.84 48394 Misc Attack ET DROP Dshield Block Listed Source group 1 2
4620.0 722 111.6.78.157 58591 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
6052.0 950 80.82.65.105 41299 10.0.0.84 513 Misc Attack ET DROP Dshield Block Listed Source group 1 2
6404.0 1001 104.140.188.2 63733 10.0.0.84 1433 Potentially Bad Traffic ET SCAN Suspicious inbound to MSSQL port 1433 2
6404.0 1001 104.140.188.2 63733 10.0.0.84 1433 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 97 2
6557.0 1025 92.118.160.61 63391 10.0.0.84 7547 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 82 2
8211.0 1249 83.97.20.36 59249 10.0.0.84 48126 Misc Attack ET DROP Dshield Block Listed Source group 1 2
Alerts provided by Emerging Threats 2022-04-08