Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Question about Snort/Acid results

Discussion in 'General Discussion' started by AbeFroman, Sep 7, 2004.

  1. AbeFroman

    AbeFroman BANNED

    Joined:
    Feb 16, 2002
    Messages:
    654
    Likes Received:
    1
    Trophy Points:
    318
    What am I to make of this? What is it saying?

    #0-(1-8) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:23 207.46.98.58:36147 69.XXX.XXX.XXX:80 TCP
    #1-(1-25) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:27 66.131.190.202:2847 69.XXX.XXX.XXX:80 TCP
    #2-(1-31) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:32 207.46.98.58:38621 69.XXX.XXX.XXX:80 TCP
    #3-(1-34) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7628 69.XXX.XXX.XXX:80 TCP
    #4-(1-37) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:33 57.74.12.55:7629 69.XXX.XXX.XXX:80 TCP
    #5-(1-38) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:34 213.119.36.93:1880 69.XXX.XXX.XXX:80 TCP
    #6-(1-44) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:38 69.169.13.49:2776 69.XXX.XXX.XXX:80 TCP
    #7-(1-45) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:39 66.131.190.202:2869 69.XXX.XXX.XXX:80 TCP
    #8-(1-58) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:28:58 65.54.188.119:1979 69.XXX.XXX.XXX:80 TCP
    #9-(1-163) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:05 65.54.188.119:4759 69.XXX.XXX.XXX:80 TCP
    #10-(1-173) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:12 65.54.188.119:3623 69.XXX.XXX.XXX:80 TCP
    #11-(1-176) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:14 196.40.61.133:4040 69.XXX.XXX.XXX:80 TCP
    #12-(1-179) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:15 64.68.83.160:44080 69.XXX.XXX.XXX:80 TCP
    #13-(1-694) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:36 213.119.36.93:1882 69.XXX.XXX.XXX:80 TCP
    #14-(1-697) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:29:37 65.54.188.119:3255 69.XXX.XXX.XXX:80 TCP
    #15-(1-731) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:04 65.54.188.119:4833 69.XXX.XXX.XXX:80 TCP
    #16-(1-732) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:06 65.54.188.119:1648 69.XXX.XXX.XXX:80 TCP
    #17-(1-734) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:08 65.54.188.119:3671 69.XXX.XXX.XXX:80 TCP
    #18-(1-737) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 65.54.188.119:4648 69.XXX.XXX.XXX:80 TCP
    #19-(1-742) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:11 66.131.190.202:2922 69.XXX.XXX.XXX:80 TCP
    #20-(1-745) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:14 65.54.188.119:1612 69.XXX.XXX.XXX:80 TCP
    #21-(1-950) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:28 69.169.13.49:2864 69.XXX.XXX.XXX:80 TCP
    #22-(1-1328) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:30:53 63.162.166.90:33506 69.XXX.XXX.XXX:80 TCP
    #23-(1-1361) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 213.119.36.93:1883 69.XXX.XXX.XXX:80 TCP
    #24-(1-1362) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:09 63.162.166.90:33570 69.XXX.XXX.XXX:80 TCP
    #25-(1-1364) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:10 209.202.127.170:2924 69.XXX.XXX.XXX:80 TCP
    #26-(1-1371) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:16 12.175.0.44:55724 69.XXX.XXX.XXX:80 TCP
    #27-(1-1377) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:24 65.54.188.119:3466 69.XXX.XXX.XXX:80 TCP
    #28-(1-1380) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:27 209.202.127.170:2930 69.XXX.XXX.XXX:80 TCP
    #29-(1-1909) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:31:38 63.162.166.90:33604 69.XXX.XXX.XXX:80 TCP
    #30-(1-2013) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:00 213.119.36.93:1884 69.XXX.XXX.XXX:80 TCP
    #31-(1-2078) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:32:22 213.119.36.93:1888 69.XXX.XXX.XXX:80 TCP
    #32-(1-2119) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:08 66.131.190.202:2935 69.XXX.XXX.XXX:80 TCP
    #33-(1-2125) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:19 141.157.86.141:1413 69.XXX.XXX.XXX:80 TCP
    #34-(1-2130) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:25 66.30.40.207:33169 69.XXX.XXX.XXX:80 TCP
    #35-(1-2281) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:39 63.162.166.90:33806 69.XXX.XXX.XXX:80 TCP
    #36-(1-2284) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:43 213.119.36.93:1897 69.XXX.XXX.XXX:80 TCP
    #37-(1-2287) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:33:46 68.41.37.219:1318 69.XXX.XXX.XXX:80 TCP
    #38-(1-2318) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:07 213.119.36.93:1898 69.XXX.XXX.XXX:80 TCP
    #39-(1-2327) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:19 63.162.166.90:33962 69.XXX.XXX.XXX:80 TCP
    #40-(1-2334) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:26 66.131.190.202:2948 69.XXX.XXX.XXX:80 TCP
    #41-(1-2351) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:38 66.131.190.202:2952 69.XXX.XXX.XXX:80 TCP
    #42-(1-2363) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:34:45 141.157.86.141:1523 69.XXX.XXX.XXX:80 TCP
    #43-(1-2420) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:11 66.131.190.202:2959 69.XXX.XXX.XXX:80 TCP
    #44-(1-2430) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:14 63.162.166.90:34023 69.XXX.XXX.XXX:80 TCP
    #45-(1-2447) nessus[cve][icat][bugtraq][snort] WEB-PHP viewtopic.php access 2004-09-07 14:35:20 66.131.190.202:2970 69.XXX.XXX.XXX:80 TCP
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. StevenC

    StevenC Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    252
    Likes Received:
    0
    Trophy Points:
    166
    Not to be rude but you shouldnt use snort if you dont know how to use it. There is a rule that logs everytime "viewtopic.php" is accessed as in the past there was an exploit using that file.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. AbeFroman

    AbeFroman BANNED

    Joined:
    Feb 16, 2002
    Messages:
    654
    Likes Received:
    1
    Trophy Points:
    318
    Thanks for the tip. I'm in the process of learning how to use it. I have to learn somehow :)

    Is there a way to block the view topic rule? So any forum that has a page viewtopic.php will get logged into snort?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice