Recent Changes in Main Web retrieved at 15:36 (GMT)

alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Possible Replay Attempt Caused Disconnection`; content: `Disconnecting due to possible replay attempt...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO User Authentication Brute Force 25/1 `; content: `User`; content: `failed authentication`; after...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO User Authenticated From Outside Home Country`; content: `User`; content: `authenticated`; country code...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Successful NTLM Authentication From Outside Home Country`; content: `NTLM authentication succeeded...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO NTLM Authentication Brute Force 25/1 `; content: `NTLM authentication failed for user`; after: track...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Failed to install software`; content: `Failed to install software`; classtype: system event; reference...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Failed Interactive Login Brute Force 15/1 `; content: `Failed keyboard interactive/pam for invalid...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Failed to connect to Panorama Server`; content: `Failed to connect to Panorama Server`; classtype:...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Chassis Master Alarm`; content: `Chassis Master Alarm`; classtype: hardware event; reference: url,live...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Authorization failed Brute Force 25/1 `; content: `Authorization failed for user `; classtype:...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO AntiVirus update job failed`; content: `AntiVirus update job failed`; classtype: system event; reference...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Accepted SSH Connection From Outside Home Country`; content: `Accepted keyboard interactive/pam for...
alert udp $HOME NET any $EXTERNAL NET any (msg: ` PALO ALTO Certificate has illegal URL`; content: `Certificate`; content: `has illegal URL`; classtype: system...
alert syslog $EXTERNAL NET any $HOME NET any (msg:` SU root password change attempt`; content:`passwd`; content `root`; content:`HISTORY`; classtype: suspicious...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS MISC Unable to log events to security log`; content: ` 521 3a `; classtype: program error; program...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` COURIER Authentication failure Brute Force 5/5 `; content: `LOGIN FAILED,`; parse src ip: 1; flowbits:...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS MISC Microsoft Antimalware has encountered an error trying to update signatures`; program: Microsoft...
alert syslog $EXTERNAL NET any $HOME NET any (msg:` VMWARE GEOIP User login successful`; content: `Accepted password`; classtype: successful admin; country code...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` WINDOWS GEOIP Explicit Windows Logon `; pcre: `/ 552: 4648: /`; content: `Target`; content: `Process`; country...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` WINDOWS GEOIP Windows RDP Session Disconnected from outside HOME COUNTRY `; pcre: `/ 683: 4779: /`; content...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` WINDOWS GEOIP Windows Session Disconnected from outside HOME COUNTRY `; pcre: `/ 683: 4779: /`; content: `Session...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` WINDOWS GEOIP Windows Network Cleartext from outside HOME COUNTRY `; pcre: `/ 540: 4624: /`; content: `Logon...
alert syslog $EXTERNAL NET any $HOME NET any (msg:` WINDOWS AUTH User account deleted`; pcre: `/ 630: 4726: /`; program: Security ; classtype: successful user...
alert tcp $HOME NET any $EXTERNAL NET 443 (msg: ` NFCAPD Possible TOR Port 443 after Port 9001`; program: nfcapd; normalize: nfcapd; content: `/443, protocol...
alert tcp $HOME NET any $EXTERNAL NET 9030 (msg: ` NFCAPD Possible TOR Port 9030 after Port 9001`; program: nfcapd; normalize: nfcapd; content: `/9030, protocol...
alert tcp $HOME NET any $EXTERNAL NET 9001 (msg: ` NFCAPD Possible TOR Port 9001`; program: nfcapd; normalize: nfcapd; content: `/9001, protocol 3a TCP,`; flowbits...
alert tcp $HOME NET any $EXTERNAL NET 6889 (msg: ` NFCAPD Possible BitTorrent Port 6889 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6889, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6888 (msg: ` NFCAPD Possible BitTorrent Port 6888 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6888, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6887 (msg: ` NFCAPD Possible BitTorrent Port 6887 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6887, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6886 (msg: ` NFCAPD Possible BitTorrent Port 6886 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6886, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6885 (msg: ` NFCAPD Possible BitTorrent Port 6885 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6885, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6884 (msg: ` NFCAPD Possible BitTorrent Port 6884 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6884, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6883 (msg: ` NFCAPD Possible BitTorrent Port 6883 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6883, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6882 (msg: ` NFCAPD Possible BitTorrent Port 6882 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6882, protocol...
alert tcp $HOME NET any $EXTERNAL NET 6881 (msg: ` NFCAPD Possible BitTorrent Port 6881 5/5 `; program: nfcapd; normalize: nfcapd; content: `/6881, protocol...
alert tcp $EXTERNAL NET any $HOME NET $HTTPS PORT (msg: ` CITRIX BROINTEL SSLVPN HTTPREQUEST from Bro Intel listed IP`; content: `SSLVPN HTTPREQUEST`; classtype...
alert tcp $EXTERNAL NET any $HOME NET $HTTPS PORT (msg: ` CITRIX BLACKLIST SSLVPN HTTPREQUEST from blacklisted IP`; content: `SSLVPN HTTPREQUEST`; classtype: unsuccessful...
alert tcp $EXTERNAL NET any $HOME NET $HTTPS PORT (msg: ` CITRIX GEOIP SSLVPN HTTPREQUEST from outside HOME COUNTRY`; content: `SSLVPN HTTPREQUEST`; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` BLACKLIST Suspicious communications detected via Blacklist`; blacklist: all; classtype: suspicious traffic...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` BRO INTEL Suspicious communications detected via Bro Intel`; bro intel: all; classtype: suspicious traffic...
alert tcp $EXTERNAL NET any $HOME NET $HTTPS PORT (msg: ` WINDOWS OWA Login failure Brute force 25/1 `; content: `/owa/auth/logon.aspx`; nocase; content: `reason...
alert syslog $HOME NET any $EXTERNAL NET any (msg: ` CISCO BLACKLIST FTP file transfer from blacklisted IP`; program: %ASA 6 303002; blacklist: by src; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Windows DC Logon Failure from a Bro Intel listed IP`; pcre: `/ 675: 676: 681: /`; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure Account locked from a Bro Intel listed IP 0/5 `; content: ` 539 3a `; content...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure from a Bro Intel listed IP User not allowed to login at this computer`; content...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure from a Bro Intel listed IP Specified account expired`; content: ` 532 3a...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure from a Bro Intel listed IP Account currently disabled 0/5 `; content: `...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure from a Bro Intel listed IP Time restriction 0/5 `; content: ` 530 3a `...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WINDOWS BROINTEL Login failure from a Bro Intel listed IP 0/5 `; program: Security ; content: ` 529 3a...
alert tcp $HOME NET any $EXTERNAL NET any (msg: ` WINDOWS BROINTEL RDP / Logon type 10 from a Bro Intel listed IP`; program: Security ; pcre: `/ 528: 4624:...

Topic revision: r5 - 2006-11-15 - TWikiContributor
 
Copyright © 2008-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.