CMU - Intrusion Detection and Event Analysis System (IDEAS)
Home
|
Search
Source:
[DARPA]
[
Company A
] [
CMU
]
[
Back
]
Signature Analytic Report
Displaying alerts 1-48 of 68 total
Signature ID
Signature Name
Last Timestamp
Last Predicted
AVG. Confident
Count
Action
74
(spp_frag3) Fragmentation overlap
1999-04-05 08:39:52
False Alarm
100.0000
101
73
BACKDOOR netbus getinfo
1999-04-01 08:40:39
False Alarm
100.0000
1
72
BACKDOOR netbus active
1999-04-01 08:39:39
False Alarm
100.0000
1
71
DNS TCP inverse query overflow
1999-03-31 13:00:32
False Alarm
100.0000
1
70
(ftp_telnet) FTP command parameters were too long
1999-03-31 12:13:07
False Alarm
100.0000
1
68
SHELLCODE Linux shellcode
1999-03-31 09:38:13
False Alarm
100.0000
1
69
IMAP login buffer overflow attempt
1999-03-31 09:38:13
False Alarm
100.0000
1
55
FINGER root query
1999-03-31 08:04:16
False Alarm
100.0000
1
54
FINGER redirection attempt
1999-03-31 08:04:15
False Alarm
100.0000
1
52
FINGER / execution attempt
1999-03-31 08:04:19
False Alarm
100.0000
6
53
FINGER 0 query
1999-03-31 08:04:14
False Alarm
100.0000
1
50
WEB-MISC cat%20 access
1999-03-30 09:41:12
False Alarm
100.0000
1
49
WEB-CGI phf arbitrary command execution attempt
1999-03-30 09:41:12
False Alarm
100.0000
1
51
WEB-CGI phf access
1999-03-30 09:41:12
False Alarm
100.0000
1
67
SNMP missing community string attempt
1999-03-31 19:29:07
False Alarm
100.0000
5
66
X11 xopen
1999-04-01 13:08:30
False Alarm
100.0000
3
65
SHELLCODE x86 NOOP
1999-03-31 13:00:32
False Alarm
100.0000
3
63
FTP .rhosts
1999-03-29 13:58:22
False Alarm
100.0000
2
62
(spp_stream4) TTL LIMIT Exceeded
1999-03-11 14:25:06
False Alarm
100.0000
10
61
MISC source port 53 to <1024
1999-03-11 11:07:08
False Alarm
100.0000
1
47
SNMP AgentX/tcp request
1999-03-11 11:06:37
False Alarm
100.0000
10
60
DOS BGP spoofed connection reset attempt
1999-03-12 11:20:51
False Alarm
100.0000
2
59
MISC Source Port 20 to <1024
1999-03-11 11:04:19
False Alarm
100.0000
1
46
SNMP trap tcp
1999-03-11 11:04:49
False Alarm
100.0000
11
45
SNMP request tcp
1999-03-11 11:04:48
False Alarm
100.0000
11
44
(portscan) Open Port
1999-04-05 15:26:54
False Alarm
42.1197
593
43
(portscan) TCP Portscan
1999-04-05 10:46:13
False Alarm
74.8235
17
42
ICMP PING NMAP
1999-03-09 08:50:17
False Alarm
100.0000
218
41
(snort decoder) Bad Traffic Same Src/Dst IP
1999-03-30 14:54:10
False Alarm
100.0000
2
40
WEB-MISC apache directory disclosure attempt
1999-04-07 10:26:12
False Alarm
96.6929
254
34
WEB-FRONTPAGE /_vti_bin/ access
1999-04-01 08:16:01
False Alarm
78.0000
3
32
WEB-IIS fpcount attempt
1999-04-01 08:16:01
False Alarm
78.0000
3
39
NETBIOS SMB D$ unicode share access
1999-04-01 08:16:01
False Alarm
78.0000
3
37
NETBIOS SMB ADMIN$ unicode share access
1999-04-01 08:16:01
False Alarm
78.0000
3
35
WEB-IIS perl-browse newline attempt
1999-04-01 08:16:01
False Alarm
78.0000
3
33
WEB-IIS fpcount access
1999-04-01 08:16:01
False Alarm
78.0000
3
38
NETBIOS SMB C$ unicode share access
1999-04-01 08:16:01
False Alarm
78.0000
3
36
WEB-MISC queryhit.htm access
1999-04-01 08:16:01
False Alarm
78.0000
3
30
WEB-IIS perl access
1999-04-01 08:01:01
False Alarm
100.0000
2
28
WEB-CGI perl.exe command attempt
1999-04-01 08:01:01
False Alarm
100.0000
4
26
WEB-IIS *.idc attempt
1999-04-01 08:01:01
False Alarm
100.0000
2
31
WEB-IIS newdsn.exe access
1999-04-01 08:01:01
False Alarm
100.0000
2
29
WEB-CGI perl.exe access
1999-04-01 08:01:01
False Alarm
100.0000
4
27
WEB-CGI /cgi-bin/ access
1999-04-01 08:01:01
False Alarm
100.0000
2
24
FTP PORT bounce attempt
1999-03-09 08:01:00
False Alarm
100.0000
4
25
(ftp_telnet) FTP command parameters were malformed
1999-03-09 08:01:00
False Alarm
100.0000
2
23
BACKDOOR MISC Solaris 2.5 attempt
1999-03-12 16:02:49
False Alarm
98.8000
5
22
(ftp_telnet) FTP traffic encrypted
1999-03-31 14:31:28
False Alarm
100.0000
6
Query Results
[0]
Go to
page
Alert Group Maintenance
|
Cache & Status
|
Encrypt
|
Administration