[**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 631 seconds [**] 11/29-14:36:40.037184 192.168.100.28:32789 -> 210.94.0.7:53 UDP TTL:255 TOS:0x0 ID:42421 IpLen:20 DgmLen:73 DF Len: 45 [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 21 targets 21 ports in 5009 seconds [**] 11/29-15:49:38.530858 192.168.100.28:32789 -> 192.26.92.30:53 UDP TTL:255 TOS:0x0 ID:29779 IpLen:20 DgmLen:60 DF Len: 32 [**] [1:620:2] SCAN Proxy (8080) attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:08.481119 61.144.145.243:3667 -> 192.168.100.28:8080 TCP TTL:47 TOS:0x0 ID:19890 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E082B1 Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:618:2] SCAN Squid Proxy attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:08.481119 61.144.145.243:3677 -> 192.168.100.28:3128 TCP TTL:47 TOS:0x0 ID:19892 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E1F6DD Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:620:2] SCAN Proxy (8080) attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:09.381058 61.144.145.243:3667 -> 192.168.100.28:8080 TCP TTL:47 TOS:0x0 ID:20165 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E082B1 Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:618:2] SCAN Squid Proxy attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:09.391058 61.144.145.243:3677 -> 192.168.100.28:3128 TCP TTL:47 TOS:0x0 ID:20167 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E1F6DD Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:620:2] SCAN Proxy (8080) attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:10.300996 61.144.145.243:3667 -> 192.168.100.28:8080 TCP TTL:47 TOS:0x0 ID:20686 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E082B1 Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:618:2] SCAN Squid Proxy attempt [**] [Classification: Attempted Information Leak] [Priority: 2] 11/29-20:25:10.310995 61.144.145.243:3677 -> 192.168.100.28:3128 TCP TTL:47 TOS:0x0 ID:20692 IpLen:20 DgmLen:52 DF ******S* Seq: 0x15E1F6DD Ack: 0x0 Win: 0xE640 TcpLen: 32 TCP Options (6) => MSS: 1452 NOP WS: 2 NOP NOP SackOK [**] [1:645:3] SHELLCODE sparc NOOP [**] [Classification: Executable code was detected] [Priority: 1] 11/29-23:36:26.503382 61.219.90.180:56711 -> 192.168.100.28:6112 TCP TTL:44 TOS:0x0 ID:61373 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0x7FC1DB88 Ack: 0xBA41EB06 Win: 0x16D0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 48510034 113867474 [Xref => http://www.whitehats.com/info/IDS353] [**] [1:402:4] ICMP Destination Unreachable (Port Unreachable) [**] [Classification: Misc activity] [Priority: 3] 11/29-23:47:09.759808 148.244.153.69 -> 192.168.100.28 ICMP TTL:124 TOS:0x0 ID:2312 IpLen:20 DgmLen:56 Type:3 Code:3 DESTINATION UNREACHABLE: PORT UNREACHABLE ** ORIGINAL DATAGRAM DUMP: 192.168.100.28:53 -> 148.244.153.69:1124 UDP TTL:251 TOS:0x0 ID:40357 IpLen:20 DgmLen:163 DF Len: 135 ** END OF DUMP [**] [1:402:4] ICMP Destination Unreachable (Port Unreachable) [**] [Classification: Misc activity] [Priority: 3] 11/29-23:49:57.258437 148.244.153.69 -> 192.168.100.28 ICMP TTL:124 TOS:0x0 ID:15888 IpLen:20 DgmLen:56 Type:3 Code:3 DESTINATION UNREACHABLE: PORT UNREACHABLE ** ORIGINAL DATAGRAM DUMP: 192.168.100.28:53 -> 148.244.153.69:1233 UDP TTL:251 TOS:0x0 ID:40358 IpLen:20 DgmLen:165 DF Len: 137 ** END OF DUMP [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/29-23:59:52.338046 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16475 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:00:01.777405 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25915 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:01:02.773265 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16476 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:01:12.772587 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25916 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:02:03.779125 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16477 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:02:13.788446 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25917 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:03:04.794984 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16478 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:03:14.794306 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25918 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:04:05.790845 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16479 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 0 seconds [**] 11/30-00:04:08.490662 192.168.100.28:32789 -> 151.99.125.138:53 UDP TTL:255 TOS:0x0 ID:10471 IpLen:20 DgmLen:82 DF Len: 54 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:04:15.780167 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25919 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:04:46.418088 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:10267 IpLen:20 DgmLen:68 DF ******S* Seq: 0xAD2A435D Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481191594 0 TCP Options => NOP NOP CCNEW: 136032629 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:05:06.786705 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16480 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:05:16.786027 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25920 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:05:38.424558 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:50612 IpLen:20 DgmLen:68 DF ******S* Seq: 0xDFD73115 Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481196794 0 TCP Options => NOP NOP CCNEW: 136034206 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:06:07.792565 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16481 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:06:17.791887 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25921 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:06:32.410895 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:27572 IpLen:20 DgmLen:68 DF ******S* Seq: 0x151FB03A Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481202194 0 TCP Options => NOP NOP CCNEW: 136035815 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:07:08.788426 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16482 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:07:18.797747 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25922 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:07:26.817203 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:3256 IpLen:20 DgmLen:68 DF ******S* Seq: 0xBD724D6C Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481207635 0 TCP Options => NOP NOP CCNEW: 136037572 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:08:09.794286 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16483 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:08:19.803607 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25923 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:08:22.423429 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:47099 IpLen:20 DgmLen:68 DF ******S* Seq: 0x377F9805 Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481213197 0 TCP Options => NOP NOP CCNEW: 136039230 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:09:10.810146 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16484 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:09:14.489896 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:21281 IpLen:20 DgmLen:68 DF ******S* Seq: 0x96E0ED86 Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481218404 0 TCP Options => NOP NOP CCNEW: 136040783 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:09:20.809467 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25924 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:09:49.427525 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:48678 IpLen:20 DgmLen:68 DF ******S* Seq: 0xDCCF0832 Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481221898 0 TCP Options => NOP NOP CCNEW: 136041858 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:10:11.816006 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16485 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:10:21.815328 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25925 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:10:26.834987 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:13638 IpLen:20 DgmLen:68 DF ******S* Seq: 0x353FCB52 Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481225639 0 TCP Options => NOP NOP CCNEW: 136042943 [**] [116:56:1] (snort_decoder): T/TCP Detected [**] 11/30-00:11:02.962535 206.252.192.195:0 -> 192.168.100.28:0 TCP TTL:51 TOS:0x0 ID:43093 IpLen:20 DgmLen:68 DF ******S* Seq: 0xC6A6B7F Ack: 0x0 Win: 0x4000 TcpLen: 48 TCP Options (9) => MSS: 1460 NOP WS: 0 NOP NOP TS: 481229253 0 TCP Options => NOP NOP CCNEW: 136044084 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:11:12.801868 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16486 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:11:22.801189 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25926 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:12:13.807728 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16487 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:12:23.807050 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25927 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:13:14.813589 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16488 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:13:24.812910 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25928 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:14:15.819449 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16489 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:14:25.818771 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25929 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:15:16.815310 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16490 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:15:26.814632 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25930 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:16:17.821171 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16491 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:16:27.820493 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25931 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:17:18.837031 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16492 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:17:28.836353 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25932 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:18:19.832893 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16493 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:18:29.832214 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25933 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:19:20.838768 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:16494 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:19:30.838092 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25934 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:20:21.844646 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:741 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:20:31.843970 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25935 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:21:22.850524 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:742 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:21:32.849848 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25936 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:22:23.846403 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:743 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:22:33.845727 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25937 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 5 seconds [**] 11/30-00:22:47.834782 192.168.100.28:32789 -> 206.98.114.20:53 UDP TTL:255 TOS:0x0 ID:15659 IpLen:20 DgmLen:72 DF Len: 44 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:23:24.852280 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:744 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:23:34.851605 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25938 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:24:25.858158 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:745 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:24:35.857482 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25939 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:25:26.854036 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:746 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:25:36.853360 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25940 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:26:27.859913 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:747 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:26:37.859237 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25941 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:27:28.865790 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:748 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:27:38.865114 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25942 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:28:29.871667 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:749 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:28:39.870991 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25943 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:29:30.867544 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:750 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:29:40.866869 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25944 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:30:31.873421 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:751 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:30:41.872745 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25945 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:31:32.879297 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:752 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:31:42.878621 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25946 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:32:33.875174 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:753 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:32:43.874498 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25947 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:33:34.881050 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:754 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:33:44.880374 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25948 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:34:35.886926 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:755 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:34:45.886250 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25949 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:35:36.892801 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:756 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:35:46.892123 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25950 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:36:37.888667 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:757 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:36:47.887989 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25951 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:37:38.894532 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:758 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:37:48.893854 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25952 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:38:39.900397 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:759 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:38:49.899719 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25953 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:39:40.896263 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:760 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:39:50.895585 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:25954 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:40:41.902128 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:761 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:40:51.901450 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51093 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:41:42.907993 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:762 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:41:52.907315 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51094 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:42:43.913858 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:763 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:42:53.913181 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51095 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:43:44.909724 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:764 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:43:54.909046 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51096 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:44:45.915589 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:765 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:44:55.914911 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51097 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:45:46.911455 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:766 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:45:56.910777 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51098 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:46:47.907321 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:767 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:46:57.916642 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51099 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:47:48.923185 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:768 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:47:58.922507 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51100 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:48:49.929050 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:769 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:48:59.928372 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51101 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:49:50.934915 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:770 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:50:00.934238 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51102 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:50:51.930781 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:771 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:51:01.930103 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51103 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:51:52.936646 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:772 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:52:02.935968 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51104 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:52:53.942508 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:773 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:53:03.941828 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51105 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:53:54.938362 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:774 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:54:04.937682 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51106 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:54:55.944215 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:775 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:55:05.943535 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51107 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:55:56.950068 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:776 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:56:06.949388 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51108 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:56:57.955921 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:777 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:57:07.955242 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51109 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:57:58.951776 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:778 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:58:08.951096 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51110 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:58:59.957629 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:779 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-00:59:09.956950 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51111 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:00:00.963483 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20445 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:00:10.962804 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51112 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:01:01.959338 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20446 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:01:11.968658 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51113 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:02:02.965192 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20447 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:02:12.964513 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51114 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:03:03.971046 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20448 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:03:13.970367 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51115 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:04:04.976901 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20449 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:04:14.976221 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51116 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:05:05.972756 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20450 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:05:15.972077 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51117 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:06:06.978611 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20451 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:06:16.977932 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51118 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:07:07.984466 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20452 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:07:17.983787 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51119 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:08:08.980322 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20453 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:08:18.989642 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51120 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:09:09.986177 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20454 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:09:19.985498 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51121 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:10:10.992036 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20455 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:10:20.991358 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51122 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:11:11.997898 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20456 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:11:21.997220 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51123 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:12:12.993762 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20457 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:12:22.993083 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51124 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:13:13.999624 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20458 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:13:23.998946 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51125 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:14:15.005487 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20459 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:14:25.004809 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51126 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:15:16.001350 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20460 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:15:26.010672 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51127 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 18 seconds [**] 11/30-01:15:26.730623 192.168.100.28:32789 -> 209.10.34.55:53 UDP TTL:255 TOS:0x0 ID:28661 IpLen:20 DgmLen:61 DF Len: 33 [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.070600 64.14.117.10 -> 192.168.100.28 ICMP TTL:53 TOS:0x0 ID:58830 IpLen:20 DgmLen:84 Type:8 Code:0 ID:63564 Seq:46983 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.070600 63.218.7.130 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:45107 IpLen:20 DgmLen:84 Type:8 Code:0 ID:27909 Seq:46759 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.090598 216.74.133.194 -> 192.168.100.28 ICMP TTL:47 TOS:0x0 ID:38121 IpLen:20 DgmLen:84 Type:8 Code:0 ID:64317 Seq:52596 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.090598 64.15.251.198 -> 192.168.100.28 ICMP TTL:47 TOS:0x0 ID:18170 IpLen:20 DgmLen:84 Type:8 Code:0 ID:48385 Seq:33365 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.090598 66.28.255.130 -> 192.168.100.28 ICMP TTL:42 TOS:0x0 ID:19251 IpLen:20 DgmLen:84 Type:8 Code:0 ID:53505 Seq:51450 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.100598 216.73.82.10 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:47239 IpLen:20 DgmLen:84 Type:8 Code:0 ID:10245 Seq:49995 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.100598 66.28.47.162 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:53244 IpLen:20 DgmLen:84 Type:8 Code:0 ID:44033 Seq:9362 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.120596 64.0.96.12 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:13914 IpLen:20 DgmLen:84 Type:8 Code:0 ID:60224 Seq:32264 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.120596 204.176.88.5 -> 192.168.100.28 ICMP TTL:50 TOS:0x0 ID:9929 IpLen:20 DgmLen:84 Type:8 Code:0 ID:49409 Seq:4105 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.140595 212.62.17.145 -> 192.168.100.28 ICMP TTL:48 TOS:0x0 ID:9197 IpLen:20 DgmLen:84 Type:8 Code:0 ID:60435 Seq:47603 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.150594 208.185.54.14 -> 192.168.100.28 ICMP TTL:50 TOS:0x0 ID:24138 IpLen:20 DgmLen:84 Type:8 Code:0 ID:36441 Seq:4305 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.200591 211.14.0.99 -> 192.168.100.28 ICMP TTL:47 TOS:0x0 ID:59157 IpLen:20 DgmLen:84 Type:8 Code:0 ID:51816 Seq:49180 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.220590 213.61.6.2 -> 192.168.100.28 ICMP TTL:49 TOS:0x0 ID:32709 IpLen:20 DgmLen:84 Type:8 Code:0 ID:56854 Seq:17291 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:15:27.280586 203.89.210.82 -> 192.168.100.28 ICMP TTL:42 TOS:0x0 ID:18080 IpLen:20 DgmLen:84 Type:8 Code:0 ID:48197 Seq:35646 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:16:17.007213 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20461 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:16:27.006535 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51128 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:17:18.013076 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20462 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:17:28.012398 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51129 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:18:19.018939 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20463 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:18:29.018261 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51130 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:19:20.014802 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20464 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:19:30.014124 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:51131 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:20:21.020665 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20465 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:20:31.019987 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5261 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:21:22.026528 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20466 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:21:32.025850 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5262 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:22:23.022392 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20467 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:22:33.031713 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5263 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:23:24.028255 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20468 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:23:34.027577 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5264 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:24:25.034118 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20469 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:24:35.033439 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5265 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:25:26.039981 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20470 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:25:36.039302 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5266 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:26:27.035844 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20471 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:26:37.035166 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5267 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:27:28.041709 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20472 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:27:38.041031 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5268 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:28:29.047574 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20473 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:28:39.046896 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5269 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 573 seconds [**] 11/30-01:28:40.006831 192.168.100.28:32789 -> 12.47.217.11:53 UDP TTL:255 TOS:0x0 ID:35469 IpLen:20 DgmLen:76 DF Len: 48 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:29:30.043439 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20474 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:29:40.052761 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5270 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:30:31.049304 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20475 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:30:41.048626 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5271 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:31:32.055169 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20476 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:31:42.054491 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5272 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:32:33.061034 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20477 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:32:43.060356 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5273 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:33:34.056900 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20478 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:33:44.056222 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5274 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:34:35.062765 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20479 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:34:45.062087 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5275 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:35:36.058630 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20480 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:35:46.057952 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5276 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:36:37.054496 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20481 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:36:47.063817 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5277 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:37:38.070360 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20482 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:37:48.069682 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5278 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:38:39.076225 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20483 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:38:49.075547 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5279 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:39:40.082090 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:20484 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:39:50.081412 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5280 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:40:41.077955 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35603 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:40:51.067278 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5281 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:41:42.083820 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35604 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:41:52.083142 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5282 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:42:43.089685 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35605 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:42:53.089007 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5283 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:43:44.085551 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35606 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:43:54.094871 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5284 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:44:45.091390 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35607 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:44:55.090707 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5285 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:45:46.097226 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35608 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:45:56.096544 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5286 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:03.166061 66.28.255.130 -> 192.168.100.28 ICMP TTL:42 TOS:0x0 ID:64827 IpLen:20 DgmLen:84 Type:8 Code:0 ID:53505 Seq:33692 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.056000 64.15.251.198 -> 192.168.100.28 ICMP TTL:47 TOS:0x0 ID:1694 IpLen:20 DgmLen:84 Type:8 Code:0 ID:48385 Seq:51990 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.105997 208.185.54.14 -> 192.168.100.28 ICMP TTL:50 TOS:0x0 ID:21269 IpLen:20 DgmLen:84 Type:8 Code:0 ID:36441 Seq:62418 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.105997 204.176.88.5 -> 192.168.100.28 ICMP TTL:50 TOS:0x0 ID:488 IpLen:20 DgmLen:84 Type:8 Code:0 ID:49409 Seq:9392 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.105997 63.218.7.130 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:39514 IpLen:20 DgmLen:84 Type:8 Code:0 ID:27909 Seq:28976 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.105997 64.0.96.12 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:2572 IpLen:20 DgmLen:84 Type:8 Code:0 ID:60224 Seq:43440 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.115996 64.14.117.10 -> 192.168.100.28 ICMP TTL:52 TOS:0x0 ID:48340 IpLen:20 DgmLen:84 Type:8 Code:0 ID:63564 Seq:64524 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.175992 212.62.17.145 -> 192.168.100.28 ICMP TTL:48 TOS:0x0 ID:57626 IpLen:20 DgmLen:84 Type:8 Code:0 ID:60435 Seq:46851 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-01:46:04.185991 213.61.6.2 -> 192.168.100.28 ICMP TTL:49 TOS:0x0 ID:24950 IpLen:20 DgmLen:84 Type:8 Code:0 ID:56854 Seq:32123 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:46:47.103063 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35609 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:46:57.102380 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5287 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:47:48.098900 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35610 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:47:58.098218 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5288 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:48:49.104738 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35611 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:48:59.104055 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5289 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:49:50.110576 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35612 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:50:00.109893 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5290 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:50:51.106414 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35613 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:51:01.115732 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5291 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:51:52.112253 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35614 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:52:02.111571 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5292 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:52:53.118092 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35615 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:53:03.117410 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5293 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:53:54.123931 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35616 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:54:04.123249 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5294 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:54:55.119772 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35617 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:55:05.129089 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5295 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:55:56.115612 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35618 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:56:06.124930 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5296 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:56:57.131452 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35619 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:57:07.130770 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5297 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:57:58.127294 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35620 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:58:08.136611 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5298 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:58:59.133135 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35621 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-01:59:09.132453 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:5299 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 90 seconds [**] 11/30-01:59:43.420116 192.168.100.28:32789 -> 168.95.192.14:53 UDP TTL:255 TOS:0x0 ID:63781 IpLen:20 DgmLen:73 DF Len: 45 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:00:00.128977 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35622 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:00:10.128295 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24955 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:01:01.134820 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35623 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:01:11.134141 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24956 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:02:02.140680 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35624 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:02:12.140002 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24957 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 69 seconds [**] 11/30-02:02:43.447877 192.168.100.28:32789 -> 128.63.2.53:53 UDP TTL:255 TOS:0x0 ID:39308 IpLen:20 DgmLen:73 DF Len: 45 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:03:03.146541 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35625 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:03:13.145862 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24958 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:04:04.152401 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35626 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:04:14.151723 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24959 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:05:05.158262 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35627 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:05:15.147584 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24960 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:06:06.144124 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35628 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:06:16.143446 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24961 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:07:07.149985 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35629 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 270 seconds [**] 11/30-02:07:13.489555 192.168.100.28:32789 -> 200.33.146.213:53 UDP TTL:255 TOS:0x0 ID:55079 IpLen:20 DgmLen:72 DF Len: 44 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:07:17.149306 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24962 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:08:08.165845 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35630 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:08:18.165166 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24963 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:09:09.161706 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35631 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:09:19.161028 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24964 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:10:10.167567 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35632 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:10:20.166889 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24965 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:11:11.173428 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35633 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:11:21.172750 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24966 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:12:12.169290 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35634 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:12:22.178611 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24967 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:13:13.175151 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35635 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:13:23.174472 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24968 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:14:14.181012 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35636 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:14:24.180333 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24969 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:15:15.176873 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35637 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:15:25.176195 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24970 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.063557 216.73.82.10 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:53445 IpLen:20 DgmLen:84 Type:8 Code:0 ID:10245 Seq:19758 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.063557 66.28.47.162 -> 192.168.100.28 ICMP TTL:51 TOS:0x0 ID:27343 IpLen:20 DgmLen:84 Type:8 Code:0 ID:44033 Seq:47013 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.143551 65.203.232.2 -> 192.168.100.28 ICMP TTL:52 TOS:0x0 ID:15143 IpLen:20 DgmLen:84 Type:8 Code:0 ID:18029 Seq:49312 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.163550 208.254.75.130 -> 192.168.100.28 ICMP TTL:52 TOS:0x0 ID:13491 IpLen:20 DgmLen:84 Type:8 Code:0 ID:59759 Seq:28790 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.163550 63.123.77.194 -> 192.168.100.28 ICMP TTL:52 TOS:0x0 ID:44852 IpLen:20 DgmLen:84 Type:8 Code:0 ID:11632 Seq:62483 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:368:4] ICMP PING BSDtype [**] [Classification: Misc activity] [Priority: 3] 11/30-02:16:04.423532 203.197.173.129 -> 192.168.100.28 ICMP TTL:50 TOS:0x0 ID:43864 IpLen:20 DgmLen:84 Type:8 Code:0 ID:51201 Seq:61544 ECHO [Xref => http://www.whitehats.com/info/IDS152] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:16:16.172735 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35638 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:16:26.172057 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24971 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:17:17.188596 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35639 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:17:27.187917 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24972 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:18:18.194459 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35640 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:18:28.193782 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24973 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:19:19.190329 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:35641 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:19:29.199651 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24974 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:20:20.196197 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55317 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:20:30.195520 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24975 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:21:21.202066 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55318 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:21:31.201389 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24976 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:22:22.207935 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55319 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:22:32.207258 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24977 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:23:23.203804 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55320 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:23:33.203127 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24978 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:24:24.209673 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55321 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:24:34.208996 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24979 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:25:25.205542 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55322 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:25:35.214864 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24980 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:26:26.201411 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55323 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:26:36.210733 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24981 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:27:27.207280 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55324 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:27:37.216602 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24982 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:28:28.223147 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55325 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:28:38.222470 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24983 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:29:29.229015 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55326 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:29:39.228338 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24984 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:30:30.224884 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55327 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:30:40.224207 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24985 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [117:1:1] (spp_portscan2) Portscan detected from 192.168.100.28: 6 targets 6 ports in 12 seconds [**] 11/30-02:30:48.093674 192.168.100.28:32789 -> 64.215.170.28:53 UDP TTL:255 TOS:0x0 ID:27817 IpLen:20 DgmLen:61 DF Len: 33 [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:31:31.230752 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55328 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:31:41.230075 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24986 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:32:32.236621 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55329 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:32:42.235943 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24987 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:33:33.232489 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55330 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:33:43.241811 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24988 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:34:34.238357 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55331 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:34:44.237680 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24989 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:35:35.244221 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55332 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:35:45.243542 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24990 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:36:36.250080 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55333 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:36:46.249401 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24991 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:37:37.245939 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55334 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:37:47.245261 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24992 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:38:38.251799 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55335 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:38:48.251120 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24993 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:39:39.257658 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55336 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:39:49.256979 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:24994 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:40:40.263517 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55337 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:40:50.262839 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40133 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:41:41.259377 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55338 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:41:51.258699 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40134 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:42:42.265237 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55339 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:42:52.264558 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40135 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:43:43.271096 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55340 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:43:53.270418 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40136 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:44:44.266957 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55341 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:44:54.266278 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40137 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:45:45.272816 192.168.100.28 -> 217.116.38.10 ICMP TTL:255 TOS:0x0 ID:55342 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO REPLY [Xref => http://staff.washington.edu/dittrich/misc/stacheldraht.analysis] [**] [1:1855:2] DDOS Stacheldraht agent->handler (skillz) [**] [Classification: Attempted Denial of Service] [Priority: 2] 11/30-02:45:55.272138 192.168.100.28 -> 61.134.3.11 ICMP TTL:255 TOS:0x0 ID:40138 IpLen:20 DgmLen:1044 DF Type:0 Code:0 ID:6666 Seq:0 ECHO