More Related Content
More from PePae Loeicity (7)
Report (11)
- 1. Threat Report
MOI-PAN01 : 2013/04/22 22:23:38 - 2013/04/23 10:23:37
Threat/Content Name ID Threat/Content Type Severity Action IP Protocol Repeat Count
Microsoft remote desktop connect initial attempt 33020 vulnerability informational alert tcp 7.35 k
Morto RDP Request Traffic 13274 spyware low alert tcp 7.28 k
Microsoft Windows SMB Negotiate Request 35364 vulnerability informational alert tcp 4.29 k
Windows SMB Login Attempt 31696 vulnerability informational alert tcp 4.21 k
ZeroAccess.Gen Command and Control Traffic 13235 spyware critical drop-all-packets udp 3.67 k
MS-RDP Brute-force Attempt 40021 vulnerability high drop-all-packets tcp 3.31 k
MSSQL DB Login Authentication Failed 31753 vulnerability informational alert tcp 2.53 k
HTTP Unauthorized Error 34556 vulnerability informational alert tcp 1.90 k
HTTP WWW-Authentication Failed 31708 vulnerability informational alert tcp 1.90 k
HTTP OPTIONS Method 30520 vulnerability informational alert tcp 1.19 k
Bot: Torpig Phone Home DNS request 12657 spyware medium drop-all-packets udp 1.15 k
HTTP Request ACE Encoded Domain Name Access 31298 vulnerability informational alert tcp 814
SSL Renegotiation Denial of Service Vulnerability 33862 vulnerability low alert tcp 643
SMB: User Password Brute-force Attempt 40004 vulnerability high drop-all-packets tcp 367
Microsoft SQL Server User Authentication Brute-force Attempt 40010 vulnerability high drop-all-packets tcp 356
NetBIOS nbtstat query 31707 vulnerability informational alert udp 353
Microsoft Windows Server Service Remote Stack Overflow Vulnerability 31922 vulnerability critical drop-all-packets tcp 302
Windows Server Service NetrpPathCanonicalize access 30859 vulnerability low alert tcp 302
Suspicious or malformed HTTP Referer field 35554 vulnerability informational alert tcp 271
Microsoft ASP.Net Information Leak Vulnerability 33435 vulnerability low alert tcp 249
SSH2 Login Attempt 31914 vulnerability informational alert tcp 192
Suspicious user-agent strings 10004 spyware medium drop-all-packets tcp 153
MySQL Login Authentication Failed 31719 vulnerability informational alert tcp 139
SIP Register Request Attempt 33592 vulnerability low alert udp 132
Generic GET Method Buffer Overflow Vulnerability 34267 vulnerability informational alert tcp 86
http://www.paloaltonetworks.com