I have created a new exception for 192.168.8.0/24
(As source network).
However I am still seeing a ton of these: (192.168.3.1 is the Astaro box).
Intrusion Prevention Alert
An intrusion has been detected. The packet has been dropped automatically.
You can toggle this rule between "drop" and "alert only" in WebAdmin.
Details about the intrusion alert:
Message........: WEB-CLIENT Malformed BMP dimensions arbitrary code execution attempt
Details........: Snort ::
Time...........: 2011:05:16-14:08:16
Packet dropped.: yes
Priority.......: 1high
Classification.: Attempted User Privilege Gain IP protocol....: 6 (TCP)
Source IP address: 192.168.8.39
- Where are my results?
- Query the RIPE Database
- http://ws.arin.net/cgi-bin/whois.pl?queryinput=192.168.8.39
- APNIC - Query the APNIC Whois Database
Source port: 80 (http)
Destination IP address: 192.168.3.1 (micromine-gw)
- Where are my results?
- Query the RIPE Database
- http://ws.arin.net/cgi-bin/whois.pl?queryinput=192.168.3.1
- APNIC - Query the APNIC Whois Database
Destination port: 30270
This thread was automatically locked due to age.