Question about Snort/Acid results

AbeFroman

BANNED
Feb 16, 2002
654
1
318
What am I to make of this? What is it saying?

#0-(1-8) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:23 207.46.98.58:36147 69.XXX.XXX.XXX:80 TCP
#1-(1-25) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:27 66.131.190.202:2847 69.XXX.XXX.XXX:80 TCP
#2-(1-31) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:32 207.46.98.58:38621 69.XXX.XXX.XXX:80 TCP
#3-(1-34) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7628 69.XXX.XXX.XXX:80 TCP
#4-(1-37) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7629 69.XXX.XXX.XXX:80 TCP
#5-(1-38) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:34 213.119.36.93:1880 69.XXX.XXX.XXX:80 TCP
#6-(1-44) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:38 69.169.13.49:2776 69.XXX.XXX.XXX:80 TCP
#7-(1-45) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:39 66.131.190.202:2869 69.XXX.XXX.XXX:80 TCP
#8-(1-58) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:58 65.54.188.119:1979 69.XXX.XXX.XXX:80 TCP
#9-(1-163) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:05 65.54.188.119:4759 69.XXX.XXX.XXX:80 TCP
#10-(1-173) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:12 65.54.188.119:3623 69.XXX.XXX.XXX:80 TCP
#11-(1-176) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:14 196.40.61.133:4040 69.XXX.XXX.XXX:80 TCP
#12-(1-179) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:15 64.68.83.160:44080 69.XXX.XXX.XXX:80 TCP
#13-(1-694) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:36 213.119.36.93:1882 69.XXX.XXX.XXX:80 TCP
#14-(1-697) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:37 65.54.188.119:3255 69.XXX.XXX.XXX:80 TCP
#15-(1-731) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:04 65.54.188.119:4833 69.XXX.XXX.XXX:80 TCP
#16-(1-732) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:06 65.54.188.119:1648 69.XXX.XXX.XXX:80 TCP
#17-(1-734) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:08 65.54.188.119:3671 69.XXX.XXX.XXX:80 TCP
#18-(1-737) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 65.54.188.119:4648 69.XXX.XXX.XXX:80 TCP
#19-(1-742) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 66.131.190.202:2922 69.XXX.XXX.XXX:80 TCP
#20-(1-745) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:14 65.54.188.119:1612 69.XXX.XXX.XXX:80 TCP
#21-(1-950) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:28 69.169.13.49:2864 69.XXX.XXX.XXX:80 TCP
#22-(1-1328) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:53 63.162.166.90:33506 69.XXX.XXX.XXX:80 TCP
#23-(1-1361) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 213.119.36.93:1883 69.XXX.XXX.XXX:80 TCP
#24-(1-1362) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 63.162.166.90:33570 69.XXX.XXX.XXX:80 TCP
#25-(1-1364) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:10 209.202.127.170:2924 69.XXX.XXX.XXX:80 TCP
#26-(1-1371) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:16 12.175.0.44:55724 69.XXX.XXX.XXX:80 TCP
#27-(1-1377) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:24 65.54.188.119:3466 69.XXX.XXX.XXX:80 TCP
#28-(1-1380) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:27 209.202.127.170:2930 69.XXX.XXX.XXX:80 TCP
#29-(1-1909) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:38 63.162.166.90:33604 69.XXX.XXX.XXX:80 TCP
#30-(1-2013) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:00 213.119.36.93:1884 69.XXX.XXX.XXX:80 TCP
#31-(1-2078) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:22 213.119.36.93:1888 69.XXX.XXX.XXX:80 TCP
#32-(1-2119) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:08 66.131.190.202:2935 69.XXX.XXX.XXX:80 TCP
#33-(1-2125) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:19 141.157.86.141:1413 69.XXX.XXX.XXX:80 TCP
#34-(1-2130) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:25 66.30.40.207:33169 69.XXX.XXX.XXX:80 TCP
#35-(1-2281) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:39 63.162.166.90:33806 69.XXX.XXX.XXX:80 TCP
#36-(1-2284) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:43 213.119.36.93:1897 69.XXX.XXX.XXX:80 TCP
#37-(1-2287) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:46 68.41.37.219:1318 69.XXX.XXX.XXX:80 TCP
#38-(1-2318) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:07 213.119.36.93:1898 69.XXX.XXX.XXX:80 TCP
#39-(1-2327) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:19 63.162.166.90:33962 69.XXX.XXX.XXX:80 TCP
#40-(1-2334) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:26 66.131.190.202:2948 69.XXX.XXX.XXX:80 TCP
#41-(1-2351) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:38 66.131.190.202:2952 69.XXX.XXX.XXX:80 TCP
#42-(1-2363) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:45 141.157.86.141:1523 69.XXX.XXX.XXX:80 TCP
#43-(1-2420) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:11 66.131.190.202:2959 69.XXX.XXX.XXX:80 TCP
#44-(1-2430) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:14 63.162.166.90:34023 69.XXX.XXX.XXX:80 TCP
#45-(1-2447) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:20 66.131.190.202:2970 69.XXX.XXX.XXX:80 TCP
 

StevenC

Well-Known Member
Jan 1, 2004
252
0
166
Not to be rude but you shouldnt use snort if you dont know how to use it. There is a rule that logs everytime "viewtopic.php" is accessed as in the past there was an exploit using that file.
 

AbeFroman

BANNED
Feb 16, 2002
654
1
318
Thanks for the tip. I'm in the process of learning how to use it. I have to learn somehow :)

Is there a way to block the view topic rule? So any forum that has a page viewtopic.php will get logged into snort?