Navigation

Log samples for the Cisco IDS/IPS module for IOSΒΆ

Sep  1 10:38:36 10.10.10.1 614: *Sep  1 17:36:34.303: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 615: *Sep  1 17:36:34.307: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 616: *Sep  1 17:36:34.531: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 617: *Sep  1 17:36:34.531: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 618: *Sep  1 17:36:34.783: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 619: *Sep  1 17:36:34.783: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 620: *Sep  1 17:36:35.087: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 621: *Sep  1 17:36:35.087: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:36 10.10.10.1 622: *Sep  1 17:36:35.495: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:37 10.10.10.1 623: *Sep  1 17:36:35.495: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:37 10.10.10.1 624: *Sep  1 17:36:36.111: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:37 10.10.10.1 625: *Sep  1 17:36:36.111: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:39 10.10.10.1 626: *Sep  1 17:36:37.047: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:39 10.10.10.1 627: *Sep  1 17:36:37.047: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:41 10.10.10.1 628: *Sep  1 17:36:38.719: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:41 10.10.10.1 629: *Sep  1 17:36:38.719: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:59633 -> 10.10.10.10:80]
Sep  1 10:38:49 10.10.10.1 630: *Sep  1 17:36:46.715: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:52032 -> 10.10.10.10:80]
Sep  1 10:38:50 10.10.10.1 631: *Sep  1 17:36:48.199: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:54000 -> 10.10.10.10:80]
Sep  1 10:38:58 10.10.10.1 632: *Sep  1 17:36:55.827: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:63596 -> 10.10.10.10:4444]
Sep  1 10:38:58 10.10.10.1 633: *Sep  1 17:36:55.827: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:49486 -> 10.10.10.10:80]
Sep  1 10:38:58 10.10.10.1 634: *Sep  1 17:36:55.831: %IPS-4-SIGNATURE: Sig:5123 Subsig:2 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:49486 -> 10.10.10.10:80]
Sep  1 10:38:59 10.10.10.1 635: *Sep  1 17:36:56.831: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:59499 -> 10.10.10.10:4444]
Sep  1 10:38:59 10.10.10.1 636: *Sep  1 17:36:56.883: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:56017 -> 10.10.10.10:4444]
Sep  1 10:39:29 10.10.10.1 647: *Sep  1 17:37:28.027: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:60915 -> 10.10.10.10:80]
Sep  1 10:39:29 10.10.10.1 648: *Sep  1 17:37:28.031: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:29 10.10.10.1 649: *Sep  1 17:37:28.035: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:29 10.10.10.1 650: *Sep  1 17:37:28.259: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:30 10.10.10.1 651: *Sep  1 17:37:28.511: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:30 10.10.10.1 652: *Sep  1 17:37:28.511: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:30 10.10.10.1 653: *Sep  1 17:37:28.815: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:30 10.10.10.1 654: *Sep  1 17:37:28.815: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:30 10.10.10.1 655: *Sep  1 17:37:29.223: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:31 10.10.10.1 656: *Sep  1 17:37:29.223: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:31 10.10.10.1 657: *Sep  1 17:37:29.839: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:31 10.10.10.1 658: *Sep  1 17:37:29.839: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:33 10.10.10.1 659: *Sep  1 17:37:30.775: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:33 10.10.10.1 660: *Sep  1 17:37:30.775: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:34 10.10.10.1 661: *Sep  1 17:37:32.447: %IPS-4-SIGNATURE: Sig:5123 Subsig:0 Sev:5 WWW IIS Internet Printing Overflow [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:34 10.10.10.1 662: *Sep  1 17:37:32.447: %IPS-4-SIGNATURE: Sig:5769 Subsig:0 Sev:4 Malformed HTTP Request [192.168.100.11:54068 -> 10.10.10.10:80]
Sep  1 10:39:36 10.10.10.1 663: *Sep  1 17:37:34.523: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1246 -> 192.168.100.1:443]
Sep  1 10:39:47 10.10.10.1 664: *Sep  1 17:37:45.607: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1247 -> 192.168.100.1:443]
Sep  1 10:40:41 10.10.10.1 665: *Sep  1 17:38:39.303: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1248 -> 192.168.100.1:443]
Sep  1 10:41:06 10.10.10.1 666: *Sep  1 17:39:03.795: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1249 -> 192.168.100.1:443]
Sep  1 10:41:18 10.10.10.1 667: *Sep  1 17:39:15.995: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1250 -> 192.168.100.1:443]
Sep  1 10:42:08 10.10.10.1 678: *Sep  1 17:40:06.271: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1251 -> 192.168.100.1:443]
Sep  1 10:44:39 10.10.10.1 695: *Sep  1 17:42:37.623: %IPS-4-SIGNATURE: Sig:3051 Subsig:1 Sev:4 TCP Connection Window Size DoS [192.168.100.12:1252 -> 192.168.100.1:443]

Navigation

© Copyright 2019, OSSEC Project. Created using Sphinx 1.1.3.