03-31-02 ACID Summary
To: toot@sparky.finchhaven.net
Subject: ACID Incident Report
From: ACID Alert
Generated by ACID v0.9.6b21 on Fri April 05, 2002 01:40:59
#12-1| [2002-03-31 06:41:19] 172.184.70.38:4610 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-2| [2002-03-31 06:41:31] 172.184.70.38:4610 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-3| [2002-03-31 06:59:33] 12.82.66.117:1741 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-4| [2002-03-31 06:59:36] 12.82.66.117:1741 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-5| [2002-03-31 07:10:49] 12.82.66.117:2570 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-6| [2002-03-31 07:10:52] 12.82.66.117:2570 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-7| [2002-03-31 07:39:45] 202.161.133.80:1046 -> 12.82.129.51:137 UDP to 137 netBIOS ns
#12-8| [2002-03-31 07:42:39] 67.8.46.176:1025 -> 12.82.129.51:137 UDP to 137 netBIOS ns
#12-9| [2002-03-31 09:18:07] 211.100.7.73:5454 -> 12.82.129.51:5454 TCP to range 1025-60999
#12-10| [2002-03-31 09:53:08] 12.82.129.120:2647 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-11| [2002-03-31 09:53:10] 12.82.129.120:2647 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-12| [2002-03-31 10:13:56] 172.132.205.183:4593 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-13| [2002-03-31 10:13:59] 172.132.205.183:4593 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-14| [2002-03-31 10:14:05] 172.132.205.183:4593 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-15| [2002-03-31 10:26:47] 12.82.129.120:2287 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-16| [2002-03-31 10:26:50] 12.82.129.120:2287 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-19| [2002-03-31 11:34:10] 62.99.9.121:2173 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-20| [2002-03-31 11:34:13] 62.99.9.121:2173 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-21| [2002-03-31 11:34:19] 62.99.9.121:2173 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-22| [2002-03-31 12:01:11] 24.161.117.147:2475 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-23| [2002-03-31 12:01:14] 24.161.117.147:2475 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-24| [2002-03-31 12:01:20] 24.161.117.147:2475 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-25| [2002-03-31 12:26:57] 12.82.130.70:4056 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-26| [2002-03-31 12:27:00] 12.82.130.70:4056 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-27| [2002-03-31 12:28:59] 12.82.130.70:1205 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-28| [2002-03-31 12:29:00] 12.82.130.70:1205 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-29| [2002-03-31 13:08:49] 144.132.9.185:4285 -> 12.82.129.51:21 TCP to 21 ftp
#12-30| [2002-03-31 13:36:06] 12.82.130.70:3243 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-31| [2002-03-31 13:36:10] 12.82.130.70:3243 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-32| [2002-03-31 13:39:01] 12.236.100.241:1943 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-33| [2002-03-31 13:39:04] 12.236.100.241:1943 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-34| [2002-03-31 13:52:13] 141.158.77.73:1042 -> 12.82.129.51:137 UDP to 137 netBIOS ns
#12-35| [2002-03-31 13:53:52] 12.82.130.70:2429 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-36| [2002-03-31 13:53:55] 12.82.130.70:2429 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-37| [2002-03-31 14:05:33] 66.24.109.6:4392 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-38| [2002-03-31 14:05:36] 66.24.109.6:4392 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-39| [2002-03-31 14:05:42] 66.24.109.6:4392 -> 12.82.129.51:27374 TCP to 27374 SubSeven
#12-40| [2002-03-31 14:11:42] 12.82.140.180:4626 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-41| [2002-03-31 14:11:45] 12.82.140.180:4626 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-42| [2002-03-31 14:32:07] 12.82.130.70:3513 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#12-43| [2002-03-31 14:32:11] 12.82.130.70:3513 -> 12.82.129.51:80 Potential CodeRed/Nimda probe
#13-1| [2002-03-31 15:03:20] 198.92.157.109:4097 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-2| [2002-03-31 15:03:23] 198.92.157.109:4097 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-3| [2002-03-31 15:03:41] 198.92.157.109:4097 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-4| [2002-03-31 15:05:35] 12.82.140.180:3857 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-9| [2002-03-31 15:18:42] 12.235.51.212:1721 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-10| [2002-03-31 15:18:45] 12.235.51.212:1721 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-11| [2002-03-31 15:20:28] 12.235.81.75:4605 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-12| [2002-03-31 15:20:31] 12.235.81.75:4605 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-13| [2002-03-31 15:27:52] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-14| [2002-03-31 15:27:53] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-15| [2002-03-31 15:27:53] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-16| [2002-03-31 15:27:54] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-17| [2002-03-31 15:27:54] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-18| [2002-03-31 15:27:55] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-23| [2002-03-31 15:28:47] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-24| [2002-03-31 15:28:48] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-25| [2002-03-31 15:28:49] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-26| [2002-03-31 15:28:49] 63.117.214.194:3024 -> 12.82.128.181:3024 UDP to range 1026-60999
#13-27| [2002-03-31 15:39:02] 12.82.128.52:1067 -> 12.82.128.181:137 UDP to 137 netBIOS ns
#13-29| [2002-03-31 15:55:26] 216.123.140.169:2468 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-30| [2002-03-31 15:55:29] 216.123.140.169:2468 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-31| [2002-03-31 15:55:35] 216.123.140.169:2468 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-32| [2002-03-31 15:55:47] 216.123.140.169:2468 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-35| [2002-03-31 16:08:51] 12.82.140.30:1298 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-36| [2002-03-31 16:08:54] 12.82.140.30:1298 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-37| [2002-03-31 16:10:12] 216.123.140.169:3284 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-38| [2002-03-31 16:10:15] 216.123.140.169:3284 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-39| [2002-03-31 16:10:21] 216.123.140.169:3284 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-40| [2002-03-31 16:10:34] 216.123.140.169:3284 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-41| [2002-03-31 16:16:01] 206.77.41.124:21 -> 12.82.128.181:21 TCP to 21 ftp
#13-42| [2002-03-31 16:18:43] 216.123.140.169:3910 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-43| [2002-03-31 16:18:46] 216.123.140.169:3910 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-44| [2002-03-31 16:18:52] 216.123.140.169:3910 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-45| [2002-03-31 16:19:04] 216.123.140.169:3910 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-46| [2002-03-31 16:31:15] 12.228.193.245:4012 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-47| [2002-03-31 16:33:05] 216.123.140.169:4462 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-48| [2002-03-31 16:33:08] 216.123.140.169:4462 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-49| [2002-03-31 16:33:15] 216.123.140.169:4462 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-50| [2002-03-31 16:33:27] 216.123.140.169:4462 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-51| [2002-03-31 16:38:22] 24.241.0.203:3958 -> 12.82.128.181:27374 TCP to 27374 SubSeven
#13-52| [2002-03-31 16:38:25] 24.241.0.203:3958 -> 12.82.128.181:27374 TCP to 27374 SubSeven
#13-53| [2002-03-31 16:38:31] 24.241.0.203:3958 -> 12.82.128.181:27374 TCP to 27374 SubSeven
#13-54| [2002-03-31 16:47:27] 172.169.141.5:1132 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-55| [2002-03-31 16:47:30] 172.169.141.5:1132 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-56| [2002-03-31 16:51:11] 216.78.102.106:3485 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-57| [2002-03-31 16:51:13] 216.78.102.106:3485 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-58| [2002-03-31 16:52:21] 216.123.140.169:1461 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-59| [2002-03-31 17:18:33] 172.169.141.5:2407 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-60| [2002-03-31 17:18:36] 172.169.141.5:2407 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-61| [2002-03-31 17:19:48] 12.228.110.226:1999 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-62| [2002-03-31 17:19:50] 12.228.110.226:1999 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-64| [2002-03-31 17:38:45] 12.82.128.203:1110 -> 12.82.128.181:137 UDP to 137 netBIOS ns
#13-65| [2002-03-31 17:48:07] 12.238.89.135:1189 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-66| [2002-03-31 17:48:10] 12.238.89.135:1189 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-78| [2002-03-31 18:05:58] 12.234.62.56:4897 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-79| [2002-03-31 18:06:01] 12.234.62.56:4897 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-80| [2002-03-31 18:26:02] 12.82.133.72:2641 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-81| [2002-03-31 18:26:05] 12.82.133.72:2641 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-83| [2002-03-31 18:42:46] 12.82.133.72:1759 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-84| [2002-03-31 18:42:49] 12.82.133.72:1759 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-85| [2002-03-31 18:44:44] 12.82.133.72:2678 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-86| [2002-03-31 18:44:47] 12.82.133.72:2678 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-87| [2002-03-31 18:58:11] 216.123.135.25:2142 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-88| [2002-03-31 18:58:15] 216.123.135.25:2142 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-89| [2002-03-31 18:58:21] 216.123.135.25:2142 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-90| [2002-03-31 18:58:33] 216.123.135.25:2142 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-91| [2002-03-31 18:59:40] 194.65.158.24:2462 -> 12.82.128.181:139 TCP to 139 netBIOS ss
#13-92| [2002-03-31 18:59:43] 194.65.158.24:2462 -> 12.82.128.181:139 TCP to 139 netBIOS ss
#13-93| [2002-03-31 18:59:49] 194.65.158.24:2462 -> 12.82.128.181:139 TCP to 139 netBIOS ss
#13-94| [2002-03-31 19:00:02] 194.65.158.24:2462 -> 12.82.128.181:139 TCP to 139 netBIOS ss
#13-95| [2002-03-31 19:07:37] 12.239.80.104:1288 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-96| [2002-03-31 19:07:40] 12.239.80.104:1288 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-97| [2002-03-31 19:14:33] 12.82.133.72:2532 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-98| [2002-03-31 19:14:36] 12.82.133.72:2532 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-99| [2002-03-31 19:14:43] 209.94.201.241:3704 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-102| [2002-03-31 19:16:04] 209.94.201.241:3791 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-103| [2002-03-31 19:16:07] 209.94.201.241:3791 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-104| [2002-03-31 19:16:12] 209.94.201.241:3791 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-105| [2002-03-31 19:16:24] 209.94.201.241:3791 -> 12.82.128.181:6346 TCP to 6346 gnutella
#13-100| [2002-03-31 19:14:52] 196.3.132.1 -> 12.82.128.181 ICMP echo request
#13-101| [2002-03-31 19:15:17] 196.3.132.1 -> 12.82.128.181 ICMP echo request
#13-106| [2002-03-31 19:26:53] 216.123.135.25:3351 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-107| [2002-03-31 19:26:57] 216.123.135.25:3351 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-108| [2002-03-31 19:27:02] 216.123.135.25:3351 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-109| [2002-03-31 19:27:16] 216.123.135.25:3351 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-110| [2002-03-31 19:40:04] 216.123.135.25:3974 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-111| [2002-03-31 19:40:07] 216.123.135.25:3974 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-112| [2002-03-31 19:40:14] 216.123.135.25:3974 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-113| [2002-03-31 19:40:25] 216.123.135.25:3974 -> 12.82.128.181:1214 TCP to 1214 KaZaa
#13-114| [2002-03-31 19:54:22] 203.176.43.10:1026 -> 12.82.128.181:137 UDP to 137 netBIOS ns
#13-115| [2002-03-31 20:10:53] 12.232.135.66:2582 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-116| [2002-03-31 20:10:55] 12.232.135.66:2582 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-117| [2002-03-31 20:15:22] 12.82.129.150:2762 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-118| [2002-03-31 20:15:25] 12.82.129.150:2762 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-119| [2002-03-31 20:24:42] 12.238.245.200:1979 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-120| [2002-03-31 20:24:45] 12.238.245.200:1979 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-121| [2002-03-31 20:32:59] 12.82.65.95:3046 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-122| [2002-03-31 20:33:02] 12.82.65.95:3046 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-123| [2002-03-31 20:54:35] 24.95.198.59:4017 -> 12.82.128.181:1080 TCP to 1080 socks
#13-124| [2002-03-31 20:54:59] 62.122.0.25:60136 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-125| [2002-03-31 20:55:00] 62.122.0.25:60137 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-126| [2002-03-31 21:03:06] 12.253.212.251:3506 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-127| [2002-03-31 21:03:10] 12.253.212.251:3506 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-128| [2002-03-31 21:13:58] 12.82.65.178:1124 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-129| [2002-03-31 21:14:01] 12.82.65.178:1124 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-130| [2002-03-31 21:36:10] 12.82.239.227:4242 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-131| [2002-03-31 21:40:14] 12.82.65.178:4323 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-132| [2002-03-31 21:40:18] 12.82.65.178:4323 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-145| [2002-03-31 21:40:48] 12.253.189.252:1878 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-146| [2002-03-31 21:40:54] 65.214.50.130:54627 -> 12.82.128.181:53 UDP to 53 domain
#13-147| [2002-03-31 21:40:55] 208.254.18.130:30150 -> 12.82.128.181:53 UDP to 53 domain
#13-148| [2002-03-31 21:40:55] 193.45.3.130:62695 -> 12.82.128.181:53 UDP to 53 domain
#13-149| [2002-03-31 21:40:55] 206.65.191.194:11318 -> 12.82.128.181:53 UDP to 53 domain
#13-150| [2002-03-31 21:41:04] 65.214.50.130:54627 -> 12.82.128.181:53 UDP to 53 domain
#13-151| [2002-03-31 21:41:04] 208.254.18.130:30150 -> 12.82.128.181:53 UDP to 53 domain
#13-152| [2002-03-31 21:41:04] 193.45.3.130:62695 -> 12.82.128.181:53 UDP to 53 domain
#13-153| [2002-03-31 21:41:04] 206.65.191.194:11318 -> 12.82.128.181:53 UDP to 53 domain
#13-133| [2002-03-31 21:40:24] 65.214.50.130 -> 12.82.128.181 ICMP echo request
#13-134| [2002-03-31 21:40:24] 208.254.18.130 -> 12.82.128.181 ICMP echo request
#13-135| [2002-03-31 21:40:24] 193.45.3.130 -> 12.82.128.181 ICMP echo request
#13-136| [2002-03-31 21:40:24] 206.65.191.194 -> 12.82.128.181 ICMP echo request
#13-137| [2002-03-31 21:40:34] 65.214.50.130 -> 12.82.128.181 ICMP echo request
#13-138| [2002-03-31 21:40:34] 208.254.18.130 -> 12.82.128.181 ICMP echo request
#13-139| [2002-03-31 21:40:34] 193.45.3.130 -> 12.82.128.181 ICMP echo request
#13-140| [2002-03-31 21:40:34] 206.65.191.194 -> 12.82.128.181 ICMP echo request
#13-141| [2002-03-31 21:40:45] 65.214.50.130 -> 12.82.128.181 ICMP echo request
#13-142| [2002-03-31 21:40:45] 208.254.18.130 -> 12.82.128.181 ICMP echo request
#13-143| [2002-03-31 21:40:46] 193.45.3.130 -> 12.82.128.181 ICMP echo request
#13-144| [2002-03-31 21:40:46] 206.65.191.194 -> 12.82.128.181 ICMP echo request
#13-154| [2002-03-31 21:50:43] 12.224.212.194:1272 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-155| [2002-03-31 22:21:18] 12.82.171.3:3181 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-156| [2002-03-31 22:21:21] 12.82.171.3:3181 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-160| [2002-03-31 22:40:24] 12.237.181.33:1681 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#13-161| [2002-03-31 22:40:26] 12.237.181.33:1681 -> 12.82.128.181:80 Potential CodeRed/Nimda probe
#14-1| [2002-03-31 22:52:43] 12.82.171.3:1805 -> 12.82.140.60:80 Potential CodeRed/Nimda probe
#14-2| [2002-03-31 22:52:46] 12.82.171.3:1805 -> 12.82.140.60:80 Potential CodeRed/Nimda probe
#14-5| [2002-03-31 23:55:06] 68.2.165.52:1567 -> 12.82.140.60:53 TCP to 53 domain
jsage@finchhaven.com
Last modified: Fri Apr 5 01:46:46 2002