Alert Table for aws_capture0.pcap

Relative Time Packet Source Source Port Destination Dest Port Category Rule Set Signature Severity
410.0 79 52.73.169.169 53904 10.0.0.84 53 Misc Attack ET CINS Active Threat Intelligence Poor Reputation IP group 82 2
463.0 85 139.162.110.42 56059 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
522.0 106 153.36.232.139 21643 10.0.0.84 22 Generic Protocol Command Decode SURICATA STREAM reassembly overlap with different data 3
522.0 107 10.0.0.84 22 153.36.232.139 21643 Generic Protocol Command Decode SURICATA Applayer Detect protocol only one direction 3
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
822.0 154 77.247.110.153 5076 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
2024.0 308 103.28.103.152 5090 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious Scan 2
3077.0 441 185.53.88.44 5148 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3541.0 527 77.247.110.186 25404 10.0.0.84 5060 Attempted Information Leak ET SCAN Sipvicious User-Agent Detected (friendly-scanner) 2
3585.0 531 104.140.188.58 56606 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
3944.0 578 71.6.232.6 54512 10.0.0.84 161 Attempted Information Leak GPL SNMP public access udp 2
4620.0 722 111.6.78.157 58591 10.0.0.84 3306 Potentially Bad Traffic ET SCAN Suspicious inbound to mySQL port 3306 2
6404.0 1001 104.140.188.2 63733 10.0.0.84 1433 Potentially Bad Traffic ET SCAN Suspicious inbound to MSSQL port 1433 2