The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question about Snort/Acid results

Discussion in 'General Discussion' started by AbeFroman, Sep 7, 2004.

  1. AbeFroman

    AbeFroman BANNED

    Joined:
    Feb 16, 2002
    Messages:
    654
    Likes Received:
    1
    Trophy Points:
    0
    What am I to make of this? What is it saying?

    #0-(1-8) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:23 207.46.98.58:36147 69.XXX.XXX.XXX:80 TCP
    #1-(1-25) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:27 66.131.190.202:2847 69.XXX.XXX.XXX:80 TCP
    #2-(1-31) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:32 207.46.98.58:38621 69.XXX.XXX.XXX:80 TCP
    #3-(1-34) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7628 69.XXX.XXX.XXX:80 TCP
    #4-(1-37) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7629 69.XXX.XXX.XXX:80 TCP
    #5-(1-38) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:34 213.119.36.93:1880 69.XXX.XXX.XXX:80 TCP
    #6-(1-44) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:38 69.169.13.49:2776 69.XXX.XXX.XXX:80 TCP
    #7-(1-45) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:39 66.131.190.202:2869 69.XXX.XXX.XXX:80 TCP
    #8-(1-58) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:58 65.54.188.119:1979 69.XXX.XXX.XXX:80 TCP
    #9-(1-163) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:05 65.54.188.119:4759 69.XXX.XXX.XXX:80 TCP
    #10-(1-173) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:12 65.54.188.119:3623 69.XXX.XXX.XXX:80 TCP
    #11-(1-176) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:14 196.40.61.133:4040 69.XXX.XXX.XXX:80 TCP
    #12-(1-179) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:15 64.68.83.160:44080 69.XXX.XXX.XXX:80 TCP
    #13-(1-694) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:36 213.119.36.93:1882 69.XXX.XXX.XXX:80 TCP
    #14-(1-697) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:37 65.54.188.119:3255 69.XXX.XXX.XXX:80 TCP
    #15-(1-731) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:04 65.54.188.119:4833 69.XXX.XXX.XXX:80 TCP
    #16-(1-732) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:06 65.54.188.119:1648 69.XXX.XXX.XXX:80 TCP
    #17-(1-734) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:08 65.54.188.119:3671 69.XXX.XXX.XXX:80 TCP
    #18-(1-737) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 65.54.188.119:4648 69.XXX.XXX.XXX:80 TCP
    #19-(1-742) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 66.131.190.202:2922 69.XXX.XXX.XXX:80 TCP
    #20-(1-745) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:14 65.54.188.119:1612 69.XXX.XXX.XXX:80 TCP
    #21-(1-950) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:28 69.169.13.49:2864 69.XXX.XXX.XXX:80 TCP
    #22-(1-1328) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:53 63.162.166.90:33506 69.XXX.XXX.XXX:80 TCP
    #23-(1-1361) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 213.119.36.93:1883 69.XXX.XXX.XXX:80 TCP
    #24-(1-1362) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 63.162.166.90:33570 69.XXX.XXX.XXX:80 TCP
    #25-(1-1364) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:10 209.202.127.170:2924 69.XXX.XXX.XXX:80 TCP
    #26-(1-1371) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:16 12.175.0.44:55724 69.XXX.XXX.XXX:80 TCP
    #27-(1-1377) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:24 65.54.188.119:3466 69.XXX.XXX.XXX:80 TCP
    #28-(1-1380) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:27 209.202.127.170:2930 69.XXX.XXX.XXX:80 TCP
    #29-(1-1909) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:38 63.162.166.90:33604 69.XXX.XXX.XXX:80 TCP
    #30-(1-2013) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:00 213.119.36.93:1884 69.XXX.XXX.XXX:80 TCP
    #31-(1-2078) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:22 213.119.36.93:1888 69.XXX.XXX.XXX:80 TCP
    #32-(1-2119) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:08 66.131.190.202:2935 69.XXX.XXX.XXX:80 TCP
    #33-(1-2125) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:19 141.157.86.141:1413 69.XXX.XXX.XXX:80 TCP
    #34-(1-2130) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:25 66.30.40.207:33169 69.XXX.XXX.XXX:80 TCP
    #35-(1-2281) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:39 63.162.166.90:33806 69.XXX.XXX.XXX:80 TCP
    #36-(1-2284) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:43 213.119.36.93:1897 69.XXX.XXX.XXX:80 TCP
    #37-(1-2287) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:46 68.41.37.219:1318 69.XXX.XXX.XXX:80 TCP
    #38-(1-2318) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:07 213.119.36.93:1898 69.XXX.XXX.XXX:80 TCP
    #39-(1-2327) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:19 63.162.166.90:33962 69.XXX.XXX.XXX:80 TCP
    #40-(1-2334) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:26 66.131.190.202:2948 69.XXX.XXX.XXX:80 TCP
    #41-(1-2351) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:38 66.131.190.202:2952 69.XXX.XXX.XXX:80 TCP
    #42-(1-2363) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:45 141.157.86.141:1523 69.XXX.XXX.XXX:80 TCP
    #43-(1-2420) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:11 66.131.190.202:2959 69.XXX.XXX.XXX:80 TCP
    #44-(1-2430) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:14 63.162.166.90:34023 69.XXX.XXX.XXX:80 TCP
    #45-(1-2447) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:20 66.131.190.202:2970 69.XXX.XXX.XXX:80 TCP
     
  2. StevenC

    StevenC Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    Not to be rude but you shouldnt use snort if you dont know how to use it. There is a rule that logs everytime "viewtopic.php" is accessed as in the past there was an exploit using that file.
     
  3. AbeFroman

    AbeFroman BANNED

    Joined:
    Feb 16, 2002
    Messages:
    654
    Likes Received:
    1
    Trophy Points:
    0
    Thanks for the tip. I'm in the process of learning how to use it. I have to learn somehow :)

    Is there a way to block the view topic rule? So any forum that has a page viewtopic.php will get logged into snort?
     
Loading...

Share This Page