Alert Table for turducken.pcap

Relative Time	Packet	Source	Source Port	Destination	Dest Port	Category	Rule Set	Signature	Severity
0.0	n/a	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	Likely Bot Nick in IRC (Country Code ISO 3166-1 alpha-3)	1
0.0	n/a	192.168.1.1	1101	84.244.1.30	5050	Potentially Bad Traffic	ET HUNTING	SUSPICIOUS IRC - NICK and 3 Letter Country Code	2
1.0	19	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	Likely Bot Nick in IRC (Country Code ISO 3166-1 alpha-3)	1
1.0	19	192.168.1.1	1101	84.244.1.30	5050	Potentially Bad Traffic	ET HUNTING	SUSPICIOUS IRC - NICK and 3 Letter Country Code	2
1.0	19	192.168.1.1	1101	84.244.1.30	5050	Misc activity	ET INFO	IRC Nick change on non-standard port	3
1.0	21	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	Likely Bot Username in IRC (XP-..)	1
1.0	27	192.168.1.1	1101	84.244.1.30	5050	A client was using an unusual port	ET POLICY	IRC Channel JOIN on non-standard port	2
2.0	32	192.168.1.1	1101	84.244.1.30	5050	A client was using an unusual port	ET POLICY	IRC Channel JOIN on non-standard port	2
2.0	36	192.168.1.1	1101	84.244.1.30	5050	A client was using an unusual port	ET POLICY	IRC Channel JOIN on non-standard port	2
2.0	51	192.168.1.1	1102	61.121.100.107	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
2.0	58	192.168.1.1	1103	61.121.100.107	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
3.0	67	192.168.1.1	1104	61.121.100.107	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
3.0	70	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	IRC Private message on non-standard port	1
4.0	101	192.168.1.1	1107	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
4.0	87	192.168.1.1	1106	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
4.0	88	192.168.1.1	1105	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
6.0	157	192.168.1.1	1112	210.153.70.38	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
6.0	158	192.168.1.1	1111	210.153.70.38	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
7.0	171	192.168.1.1	1113	210.153.70.38	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
7.0	191	192.168.1.1	1115	219.163.5.185	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
7.0	194	192.168.1.1	1114	219.163.5.185	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
8.0	220	192.168.1.1	1116	219.163.5.185	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
9.0	223	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	IRC Private message on non-standard port	1
9.0	240	192.168.1.1	1117	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
9.0	243	192.168.1.1	1118	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
10.0	258	192.168.1.1	1119	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
10.0	266	192.168.1.1	1120	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
11.0	283	192.168.1.1	1121	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
12.0	304	192.168.1.1	1122	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
12.0	320	192.168.1.1	1125	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
13.0	333	192.168.1.1	1126	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
13.0	348	192.168.1.1	1128	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
14.0	363	192.168.1.1	1129	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
14.0	373	192.168.1.1	1130	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
14.0	380	192.168.1.1	1131	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
15.0	388	192.168.1.1	1132	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
15.0	393	192.168.1.1	1133	203.140.25.50	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
15.0	403	192.168.1.1	1134	211.8.0.252	80	Potential Corporate Privacy Violation	ET POLICY	Proxy Judge Discovery/Evasion (prxjdg.cgi)	1
15.0	406	192.168.1.1	1101	84.244.1.30	5050	A Network Trojan was detected	ET MALWARE	IRC Private message on non-standard port	1

Open in new window Done