Alert Table for 2018-07-15-traffic-analysis-exercise.pcap

Alerts provided by Emerging Threats 2020-07-08
| Relative Time | Packet | Source | Source Port | Destination | Dest Port | Category | Rule Set / Signature | Severity |
|---|---|---|---|---|---|---|---|---|
| 5.0 | 1086 | 10.0.0.201 | 50566 | 10.0.0.2 | 53 | Potential Corporate Privacy Violation | ET POLICY DNS Update From External net | 1 |
| 105.0 | 4272 | 10.0.0.201 | 49834 | 168.215.194.14 | 80 | Potential Corporate Privacy Violation | ET P2P possible torrent download | 1 |
| 110.0 | 4285 | 168.215.194.14 | 80 | 10.0.0.201 | 49834 | Potential Corporate Privacy Violation | ET P2P BitTorrent - Torrent File Downloaded | 1 |
| 111.0 | 4315 | 10.0.0.201 | 49841 | 140.211.166.134 | 80 | Attempted Information Leak | ET POLICY Python-urllib/ Suspicious User Agent | 2 |
| 111.0 | 4321 | 10.0.0.201 | 49842 | 91.189.95.21 | 6969 | Potential Corporate Privacy Violation | ET P2P BitTorrent Announce | 1 |
| 111.0 | 4321 | 10.0.0.201 | 49842 | 91.189.95.21 | 6969 | Potential Corporate Privacy Violation | ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) | 1 |
| 111.0 | 4321 | 10.0.0.201 | 49842 | 91.189.95.21 | 6969 | Potential Corporate Privacy Violation | GPL P2P BitTorrent announce request | 1 |
| 111.0 | 4326 | 10.0.0.201 | 63448 | 1.64.58.6 | 51413 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 112.0 | 4334 | 1.64.58.6 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4355 | 185.45.195.192 | 28096 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4376 | 46.229.168.20 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4390 | 46.182.109.190 | 25909 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4391 | 71.63.25.222 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4392 | 71.208.125.233 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4397 | 93.88.38.53 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4402 | 178.151.21.209 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 112.0 | 4421 | 107.150.37.250 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4434 | 188.213.49.152 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4437 | 54.77.218.23 | 6892 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4439 | 95.136.40.38 | 52542 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 113.0 | 4448 | 103.237.145.55 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4451 | 104.233.194.152 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4459 | 69.197.191.34 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4461 | 172.104.180.234 | 16825 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4463 | 173.208.197.226 | 33817 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4470 | 103.41.67.207 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 113.0 | 4472 | 27.122.59.91 | 16881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 114.0 | 4489 | 112.111.130.53 | 6339 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 114.0 | 4504 | 150.95.179.211 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4535 | 2.63.86.131 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4545 | 201.103.93.245 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 115.0 | 4555 | 10.0.0.201 | 49847 | 168.215.194.14 | 80 | Potential Corporate Privacy Violation | ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) | 1 |
| 115.0 | 4555 | 10.0.0.201 | 49847 | 168.215.194.14 | 80 | Potential Corporate Privacy Violation | GPL P2P BitTorrent announce request | 1 |
| 115.0 | 4563 | 2.87.5.246 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4594 | 213.32.7.143 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4595 | 163.172.32.21 | 20023 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4596 | 163.172.231.166 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4597 | 107.170.69.111 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4603 | 136.243.94.79 | 6881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4604 | 94.244.129.5 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4613 | 81.171.27.179 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4626 | 51.15.181.143 | 59726 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4635 | 188.165.221.92 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4642 | 10.0.0.201 | 49848 | 168.215.195.227 | 6969 | Potential Corporate Privacy Violation | ET P2P BitTorrent Announce | 1 |
| 115.0 | 4642 | 10.0.0.201 | 49848 | 168.215.195.227 | 6969 | Potential Corporate Privacy Violation | ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) | 1 |
| 115.0 | 4642 | 10.0.0.201 | 49848 | 168.215.195.227 | 6969 | Potential Corporate Privacy Violation | GPL P2P BitTorrent announce request | 1 |
| 115.0 | 4659 | 51.15.178.238 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 115.0 | 4668 | 10.0.0.201 | 49849 | 168.215.194.14 | 80 | Potential Corporate Privacy Violation | ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) | 1 |
| 116.0 | 4696 | 64.187.66.143 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 116.0 | 4705 | 2.95.107.254 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 116.0 | 4714 | 10.0.0.201 | 49850 | 168.215.195.227 | 6969 | Potential Corporate Privacy Violation | ET P2P Bittorrent P2P Client User-Agent (Deluge 1.x.x) | 1 |
| 117.0 | 4766 | 119.248.168.38 | 12808 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 117.0 | 4777 | 173.62.174.241 | 5669 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 117.0 | 4780 | 121.158.238.241 | 7082 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 120.0 | 4838 | 2.238.165.81 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 124.0 | 4907 | 5.39.78.6 | 38564 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 124.0 | 4908 | 5.15.25.253 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 125.0 | 4923 | 5.39.80.148 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 126.0 | 4968 | 5.39.81.216 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 129.0 | 5201 | 107.3.158.204 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 129.0 | 5203 | 5.135.157.91 | 40000 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 129.0 | 5211 | 5.135.182.12 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 129.0 | 5223 | 217.103.41.35 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 129.0 | 5248 | 94.180.170.92 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 130.0 | 5322 | 5.135.176.38 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 131.0 | 5405 | 10.0.0.201 | 63448 | 2.50.139.95 | 20367 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT announce_peers request | 1 |
| 131.0 | 5431 | 109.173.39.62 | 35816 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 131.0 | 5478 | 5.135.183.76 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 133.0 | 5663 | 5.166.74.207 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 135.0 | 5775 | 23.82.53.139 | 49544 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 136.0 | 5863 | 24.68.62.150 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 139.0 | 6041 | 45.44.237.37 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 140.0 | 6072 | 47.144.77.225 | 53546 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 141.0 | 6153 | 49.236.225.251 | 51376 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 142.0 | 6208 | 51.254.134.101 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 142.0 | 6236 | 81.166.90.176 | 41604 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 143.0 | 6276 | 59.78.48.242 | 37963 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 146.0 | 6428 | 10.0.0.201 | 49892 | 128.71.110.105 | 6885 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 147.0 | 6434 | 10.0.0.201 | 49892 | 128.71.110.105 | 6885 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 150.0 | 6632 | 71.254.156.169 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 151.0 | 6662 | 73.104.37.111 | 55177 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 153.0 | 6791 | 79.197.60.22 | 16881 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 153.0 | 6797 | 82.64.50.120 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 154.0 | 6878 | 82.102.24.163 | 42232 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 155.0 | 6938 | 84.30.4.100 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 155.0 | 6939 | 84.3.10.87 | 40798 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 157.0 | 7074 | 86.30.67.146 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 161.0 | 7337 | 90.92.115.191 | 51305 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 162.0 | 7352 | 67.180.169.16 | 11589 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 163.0 | 7397 | 92.111.172.106 | 6995 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 168.0 | 7685 | 136.50.23.155 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 168.0 | 7690 | 10.0.0.201 | 49907 | 2.7.43.235 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 168.0 | 7721 | 10.0.0.201 | 49907 | 2.7.43.235 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 170.0 | 7831 | 158.181.233.226 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 170.0 | 7838 | 10.0.0.201 | 49909 | 121.44.39.20 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 171.0 | 7875 | 174.59.220.118 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 171.0 | 7886 | 176.31.181.189 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 175.0 | 8126 | 188.23.132.78 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 176.0 | 8164 | 188.165.225.30 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 179.0 | 8378 | 213.21.88.229 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 179.0 | 8381 | 213.5.52.59 | 51413 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT nodes reply | 1 |
| 231.0 | 10594 | 10.0.0.201 | 49925 | 121.44.39.20 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 231.0 | 10613 | 10.0.0.201 | 49925 | 121.44.39.20 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |
| 247.0 | 11265 | 59.11.225.233 | 39052 | 10.0.0.201 | 63448 | Potential Corporate Privacy Violation | ET P2P BitTorrent DHT ping request | 1 |
| 270.0 | n/a | 10.0.0.201 | 49909 | 121.44.39.20 | 6881 | Potential Corporate Privacy Violation | GPL P2P BitTorrent transfer | 1 |