Database of Intrusions detected by Network ICE
advICE
: Intrusions
The following is the list of intrusions detected by Network ICE.
2000001
(6)
Land attack
2000002
(2)
Unknown IP protocol
2000003
(4)
Teardrop attack
2000004
(1)
NewTear attack
2000005
(3)
SynDrop attack
2000006
(2)
TearDrop2 attack
2000007
(2)
Bonk DoS
2000008
(2)
Boink DoS
2000009
(3)
IP Fragment overlap
2000010
(1)
IP last fragment length changed
2000011
(2)
Too much IP fragmentation
2000012
(11)
Ping of death
2000013
(5)
IP source route
2000014
(2)
Zero length IP option
2000015
(1)
Nestea attack
2000016
(1)
Empty fragment
2000017
(1)
IP unaligned timestamp
2000018
(6)
Jolt2
2000019
(2)
Jolt
2000020
(1)
IP microfragment
2000021
(3)
SSping attack
2000022
(2)
Flushot attack
2000023
(5)
IP source route end
2000024
(2)
Oshare attack
2000025
(3)
IP fragment data changed
2000101
(1)
Traceroute
2000102
(2)
Echo storm
2000103
(3)
Possible Smurf attack initiated
2000104
(2)
ICMP unreachable storm
2000105
(1)
ICMP subnet mask request
2000106
(1)
Ping sweep
2000107
(4)
Suspicious Router advertisement
2000108
(4)
Corrupt IP options
2000109
(3)
Echo reply without request
2000110
(0)
ICMP flood
2000111
(0)
Twinge attack
2000112
(3)
Loki
2000201
(3)
UDP port scan
2000202
(4)
UDP port loopback
2000203
(7)
Snork attack
2000204
(7)
Ascend Attack
2000205
(4)
Possible Fraggle attack initiated
2000207
(2)
UDP short header
2000208
(1)
Saihyousen attack
2000209
(1)
W2K domain controller attack
2000210
(4)
Echo_Denial_of_Service
2000211
(4)
Chargen_Denial_of_Service
2000301
(3)
TCP port scan
2000302
(6)
TCP SYN flood
2000303
(2)
WinNuke attack
2000304
(1)
TCP sequence out-of-range
2000305
(1)
TCP FIN scan
2000306
(2)
TCP header fragmentation
2000307
(3)
TCP short header
2000308
(1)
TCP XMAS scan
2000309
(1)
TCP null scan
2000310
(1)
TCP ACK ping
2000311
(1)
TCP post connection SYN
2000312
(2)
TCP FIN or RST seq out-of-range
2000313
(2)
TCP OS fingerprint
2000314
(5)
NMAP OS fingerprint
2000315
(0)
Zero length TCP option
2000316
(1)
TCP small segment size
2000317
(1)
TCP SYN with URG flag
2000318
(0)
TCP Invalid Urgent offset
2000319
(3)
RFProwl exploit
2000320
(3)
TCP data changed
2000321
(3)
Queso Scan
2000401
(2)
DNS zone transfer
2000402
(8)
DNS cache poison
2000403
(21)
DNS name overflow
2000404
(1)
DNS non-Internet lookup
2000405
(2)
DNS malformed
2000406
(4)
DNS Internet not 4 bytes
2000407
(1)
DNS HINFO query
2000408
(5)
DNS spoof successful
2000409
(3)
DNS IQUERY
2000410
(5)
DNS I-Query exploit
2000411
(4)
DNS Chaos lookup
2000413
(0)
NetBIOS names query
2000414
(7)
DNS spoof attempt
2000415
(6)
DNS NXT record overflow
2000416
(1)
DNS null
2000417
(5)
DNS BIND version request
2000418
(6)
AntiSniff DNS exploit
2000419
(2)
Excessive DNS requests
2000420
(2)
DNS ZXFR
2000421
(9)
DNS TSIG name overflow
2000422
(5)
DNS name overflow contains %
2000423
(5)
DNS name overflow very long
2000501
(2)
SMB malformed
2000502
(1)
SMB empty password
2000503
(0)
SMB I/O using printer share
2000504
(5)
SMB password overflow
2000505
(1)
SMB file name overflow
2000506
(1)
SMB Unicode file name overflow
2000507
(1)
SMB unencrypted password
2000508
(1)
RFParalyze exploit
2000600
(0)
HTTP Attack
2000601
(20)
HTTP URL overflow
2000602
(4)
HTTP cgi starting with php
2000603
(40)
HTTP URL directory traversal/climbing
2000604
(0)
HTTP asp with . appended
2000605
(0)
HTTP cgi with ~ appended
2000606
(3)
HTTP URL has many slashes
2000607
(4)
HTTP URL with ::$DATA appended
2000608
(16)
HTTP GET data overflow
2000609
(18)
HTTP CGI data contains ../../../..
2000610
(3)
HTTP URL with blank appended
2000611
(10)
HTTP GET data with repeated char
2000612
(6)
IIS Double-Byte Code attempt
2000613
(6)
HTTP HOST: repeated many times
2000614
(4)
HTTP URL contains old DOS filename
2000615
(1)
HTTP ACCEPT: field overflow
2000616
(0)
HTTP URL contains /./
2000617
(22)
HTTP URL contains /...
2000618
(14)
HTTP GET data contains /...
2000619
(0)
HTTP URL scan
2000620
(1)
Whisker URL fingerprint
2000621
(1)
Web site copying
2000622
(10)
HTTP Authentication overflow
2000623
(1)
HTTP POST data contains ../../../..
2000624
(0)
HTTP POST data contains /...
2000625
(0)
HTTP URL with repeated char
2000626
(1)
HTTP POST data with repeated char
2000627
(1)
HTTP URL bad hex code
2000628
(2)
HTTP URL contains %00
2000629
(1)
HTTP User-Agent overflow
2000630
(2)
HTTP asp with \ appended
2000631
(2)
URL with repeated .
2000632
(1)
HTTP JavaServer URL in Caps
2000633
(2)
HTTP URL with +.htr appended
2000634
(2)
HTTP path contains *.jhtml or *.jsp
2000635
(0)
HTTP POST data contains script
2000636
(1)
HTTP HOST: field overflow
2000638
(2)
HTTP Cookie overflow
2000639
(7)
HTTP UTF8 backtrack
2000640
(1)
HTTP GET data contains script
2000641
(2)
HTTP login name well known
2000642
(2)
HTTP DAV PROPFIND overflow
2000643
(2)
SubSeven CGI
2000644
(0)
Repeated access to same Web service
2000645
(6)
HTTP URL with double-encoded ../
2000646
(1)
HTTP field with binary
2000647
(0)
HTTP several fields with binary
2000648
(0)
HTTP CONNECTION: field overflow
2000649
(1)
HTTP Form filename overflow
2000650
(1)
HTTP Form field name overflow
2000700
(0)
POP3 Attack
2000701
(25)
POP3 USER overflow
2000702
(13)
POP3 password overflow
2000703
(4)
POP3 MIME filename overflow
2000704
(5)
POP3 command overflow
2000705
(2)
POP3 AUTH overflow
2000706
(3)
POP3 RETR overflow
2000707
(3)
POP3 MIME filename repeated chars
2000708
(2)
POP3 MIME filename repeated blanks
2000709
(2)
POP3 Date overflow
2000710
(2)
POP3 APOP name overflow
2000711
(1)
POP3 false attachment
2000800
(0)
IMAP4 Attack
2000801
(5)
IMAP4 user name overflow
2000802
(4)
IMAP4 password overflow
2000803
(4)
IMAP4 authentication overflow
2000804
(1)
IMAP4 command overflow
2000805
(1)
IMAP4 Parm Overflow
2000901
(0)
Telnet abuse
2000902
(9)
Telnet login name overflow
2000903
(3)
Telnet password overflow
2000904
(4)
Telnet terminal type overflow
2000905
(3)
Telnet NTLM tickle
2000906
(9)
Telnet Bad Environment
2000907
(0)
Telnet Bad IFS
2000908
(3)
Telnet Environment Format String Attack
2000909
(0)
Telnet RESOLV_HOST_CONF
2000910
(0)
Telnet bad TERM
2000911
(0)
Telnet bad TERMCAP
2000912
(1)
Telnet XDISPLOC
2000913
(1)
Telnet AUTH USER overflow
2000914
(0)
Telnet ENV overflow
2000915
(2)
Telnet login name well known
2000916
(2)
Telnet Backdoor
2000918
(1)
Telnet many AYTs
2001000
(0)
SMTP Attack
2001001
(1)
SMTP pipe in mail address
2001002
(7)
SMTP DEBUG command
2001003
(10)
SMTP login name overflow
2001004
(0)
SMTP EXPN command
2001005
(1)
SMTP VRFY command
2001006
(3)
SMTP WIZ command
2001007
(4)
SMTP Too many recipients
2001008
(7)
SMTP corrupted MAIL command
2001009
(12)
SMTP email name overflow
2001010
(8)
SMTP corrupted RCPT command
2001011
(2)
SMTP relay attempt
2001012
(6)
SMTP command overflow
2001013
(5)
SMTP mail to decode alias
2001014
(0)
SMTP mail to uudecode alias
2001015
(1)
SMTP too many errors
2001016
(3)
SMTP MIME file name overflow
2001017
(1)
SMTP uucp-style recipient
2001018
(2)
SMTP encapsulated relay
2001019
(9)
SMTP encapsulated Exchange relay
2001020
(1)
SMTP mail to rpmmail alias
2001021
(2)
SMTP MIME name overflow
2001022
(2)
SMTP MIME filename repeated chars
2001023
(2)
SMTP MIME filename repeated blanks
2001024
(1)
SMTP ETRN overflow
2001025
(2)
SMTP Date overflow
2001026
(1)
SMTP Recipient with trailing dot
2001027
(2)
SMTP FROM: field overflow
2001028
(3)
SMTP Reply-to exec
2001029
(8)
SMTP MIME null charset
2001030
(2)
SMTP ENVID overflow
2001031
(1)
SMTP false attachment
2001032
(2)
SMTP Expn Overflow
2001033
(2)
SMTP Vrfy Overflow
2001034
(3)
SMTP Listserv Overflow
2001036
(0)
SMTP Auth Overflow
2001040
(0)
SMTP Xchg Auth
2001041
(0)
SMTP Turn
2001053
(1)
SMTP many quotes in recipient
2001101
(4)
Finger
2001102
(1)
Finger forwarding
2001103
(4)
Finger forwarding overflow
2001104
(6)
Finger command
2001105
(0)
Finger list
2001106
(1)
Finger filename
2001107
(3)
Finger overflow
2001108
(3)
Finger search
2001109
(1)
Finger Backdoor
2001110
(1)
Finger Scan
2001111
(1)
Finger Enumeration
2001201
(1)
TFTP file not found
2001202
(3)
TFTP file name overflow
2001203
(5)
TFTP Traversal
2001204
(1)
TFTP Exe Transfer
2001205
(1)
TFTP Web Transfer
2001206
(1)
TFTP Echo Bounce
2001301
(6)
FTP invalid PORT command
2001302
(7)
FTP PORT bounce to other system
2001303
(5)
FTP PORT restricted
2001304
(4)
FTP CWD ~root command
2001305
(5)
FTP SITE EXEC command
2001306
(10)
FTP USER name overflow
2001307
(6)
FTP password overflow
2001308
(15)
FTP CWD directory overflow
2001309
(4)
FTP file name overflow
2001310
(11)
FTP command line overflow
2001311
(2)
FTP pipe in filename
2001312
(7)
FTP MKD directory overflow
2001313
(2)
ProFTPD snprintf exploit
2001314
(1)
FTP SITE PSWD exploit
2001315
(3)
FTP compress exec exploit
2001316
(3)
FTP file exec exploit
2001317
(5)
FTP command too long
2001318
(0)
FTP data too long
2001319
(4)
FTP NLST directory overflow
2001320
(5)
FTP SITE ZIPCHK metacharacters
2001321
(4)
FTP SITE ZIPCHK buffer overflow
2001322
(6)
FTP SITE EXEC exploit
2001323
(1)
FTP PrivilegedBounce
2001324
(0)
FTP Site Exec DotDot
2001325
(0)
FTP Site Exec Format Attack
2001326
(0)
FTP Site Exec Tar
2001327
(1)
FTP Site Chown Overflow
2001328
(2)
FTP AIX Overflow
2001329
(2)
FTP HELP Overflow
2001330
(4)
FTP Glob Overflow
2001331
(1)
FTP Pasv DoS
2001332
(0)
FTP Mget DotDot
2001333
(0)
FTP Mkdir
2001334
(0)
FTP Syst
2001350
(1)
FTP Demi Glob
2001401
(2)
RWHO host name overflow
2001501
(6)
Back Orifice scan
2001502
(1)
Netbus response
2001503
(2)
Quake backdoor
2001504
(2)
HP Remote watch
2001505
(1)
Back Orifice response
2001506
(1)
Back Orifice ping
2001507
(6)
PCAnywhere ping
2001508
(1)
ISS Ping Scan
2001509
(0)
ISS UDP scan
2001510
(0)
Cybercop FTP scan
2001511
(2)
WhatsUp scan
2001512
(1)
Back Orifice 2000 ping
2001513
(1)
Back Orifice 2000 auth
2001514
(1)
Back Orifice 2000 command
2001515
(1)
Back Orifice 2000 response
2001516
(1)
Trojan horse response
2001517
(2)
Scan by sscan program
2001518
(1)
phAse Zero trojan horse activity
2001519
(2)
SubSeven trojan horse activity
2001520
(1)
GateCrasher trojan horse activity
2001521
(1)
GirlFriend trojan horse activity
2001522
(1)
EvilFTP trojan horse activity
2001523
(1)
NetSphere trojan horse activity
2001524
(2)
Trinoo Master activity
2001525
(2)
Trinoo Daemon activity
2001526
(1)
NMAP ping
2001527
(2)
NetSphere Client
2001528
(1)
Mstream agent activity
2001529
(1)
Mstream handler activity
2001530
(2)
SubSeven password-protected activity
2001531
(2)
Qaz trojan horse activity
2001533
(2)
Hack-a-tack trojan horse activity
2001534
(2)
Hack-a-tack trojan horse ping
2001535
(2)
Bionet trojan horse activity
2001536
(3)
Y3K trojan horse ping
2001537
(3)
Y3K trojan horse activity
2001601
(1)
FTP login failed
2001602
(2)
HTTP login failed
2001603
(1)
IMAP4 login failed
2001604
(2)
POP3 login failed
2001605
(2)
rlogin login failed
2001606
(1)
SMB login failed
2001607
(1)
SQL login failed
2001608
(2)
Telnet login failed
2001609
(1)
SMTP login failed
2001610
(2)
PCAnywhere login failed
2001611
(1)
SOCKS login failed
2001612
(0)
VNC login failed
2001701
(3)
rpc.automountd overflow
2001702
(5)
rpc.statd overflow
2001703
(8)
rpc.tooltalkd overflow
2001704
(0)
rpc.admind auth
2001705
(3)
rpc.portmap dump
2001706
(4)
rpc.mountd overflow
2001707
(0)
RPC nfs/lockd attack
2001708
(1)
rpc.portmap.set
2001709
(1)
rpc.portmap.unset
2001710
(0)
rpc.pcnfs backdoor
2001711
(0)
rpc.statd dotdot file create
2001712
(2)
rpc.ypupdated command
2001713
(1)
rpc.nfs uid is zero
2001714
(2)
rpc.nfs mknod
2001715
(6)
rpc.nisd long name
2001716
(4)
rpc.statd with automount
2001717
(6)
rpc.cmsd overflow
2001718
(5)
rpc.amd overflow
2001719
(1)
RPC bad credentials
2001720
(1)
RPC suspicious credentials
2001721
(0)
RPC getport probe
2001722
(7)
rpc.sadmind overflow
2001723
(8)
rpc.SGI FAM access
2001724
(2)
RPC CALLIT unknown
2001725
(2)
RPC CALLIT attack
2001726
(6)
RPC CALLIT mount
2001727
(1)
rpc.bootparam whoami mismatch
2001728
(1)
RPC prog grind
2001729
(2)
RPC high-port portmap
2001730
(2)
RPC ypbind directory climb
2001731
(2)
RPC showmount exports
2001732
(6)
RPC selection_svc hold file
2001733
(0)
RPC suspicious lookup
2001734
(4)
RPC SNMPXDMID overflow
2001735
(0)
RPC CALLIT ping
2001736
(3)
RPC yppasswdd overflow
2001737
(3)
rpc.statd Format Attack
2001738
(2)
RPC Sadmind Ping
2001739
(2)
RPC Amd Version
2001740
(2)
RPC Amd Pid
2001801
(9)
IRC buffer overflow
2001802
(3)
SubSeven IRC notification
2001803
(2)
IRC Trinity agent
2001804
(3)
Y3K IRC notification
2001901
(4)
IDENT invalid response
2001902
(1)
IDENT scan
2001903
(1)
IDENT suspicious ID
2001904
(1)
IDENT version
2001905
(1)
IDENT newline
2002001
(1)
SNMP Corrupt
2002002
(4)
SNMP Crack
2002003
(5)
SNMP backdoor
2002004
(1)
SNMP discovery broadcast
2002005
(3)
SNMP sysName overflow
2002006
(6)
SNMP WINS deletion
2002007
(3)
SNMP SET sysContact
2002008
(4)
SNMP lanmanager enumeration
2002009
(4)
SNMP TFTP retrieval
2002010
(1)
SNMP hangup
2002011
(1)
SNMP disable authen-traps
2002012
(2)
SNMP snmpdx attack
2002013
(2)
SNMP 3Com communities
2002014
(1)
SNMP dialup username
2002015
(1)
SNMP dialup phone number
2002016
(1)
SNMP scanner
2002017
(2)
SNMP passwd
2002018
(2)
SNMP community long
2002019
(0)
SNMP echo bounce
2002020
(1)
SNMP HP Route Metachar
2002021
(1)
SNMP HP OpenView hidden community
2002022
(1)
SNMP SUN hidden community
2002101
(4)
rlogin -froot backdoor
2002102
(2)
rlogin login name overflow
2002103
(2)
rlogin password overflow
2002104
(5)
rlogin TERM overflow
2002105
(4)
Rlogin login name well known
2002201
(2)
Melissa virus
2002202
(1)
Papa virus
2002203
(1)
PICTURE.EXE virus
2002204
(3)
W97M.Marker.a virus
2002205
(3)
ExploreZip worm
2002206
(0)
Keystrokes monitored
2002207
(1)
PrettyPark worm
2002208
(0)
ILOVEYOU worm
2002209
(2)
Worm extensions
2002210
(1)
Worm address
2002301
(0)
Duplicate IP address
2002401
(4)
NNTP name overflow
2002402
(6)
NNTP pipe seen
2002403
(1)
NNTP Message-ID too long
2002500
(0)
Suspicious URL
2002501
(4)
bat URL type
2002502
(0)
cmd URL type
2002503
(5)
CGI aglimpse
2002504
(2)
CGI AnyForm2
2002505
(0)
CGI bash
2002506
(3)
CGI campas
2002507
(2)
CGI convert.bas
2002508
(0)
CGI csh
2002509
(2)
CGI faxsurvey
2002510
(0)
CGI finger
2002511
(6)
CGI formmail
2002512
(3)
CGI formmail.pl
2002513
(2)
CGI glimpse
2002514
(3)
CGI guestbook.cgi
2002515
(3)
CGI guestbook.pl
2002516
(4)
CGI handler
2002517
(3)
CGI htmlscript
2002518
(3)
CGI info2www
2002519
(1)
CGI machineinfo
2002520
(3)
CGI nph-test-cgi
2002521
(1)
CGI perl
2002522
(1)
CGI perl.exe
2002523
(3)
CGI pfdispaly.cgi
2002524
(7)
CGI phf
2002525
(1)
CGI rguest.exe
2002526
(1)
CGI wguest.exe
2002527
(0)
CGI rksh
2002528
(0)
CGI sh
2002529
(0)
CGI tcsh
2002530
(3)
CGI test-cgi.tcl
2002531
(3)
CGI test-cgi
2002532
(4)
CGI view-source
2002533
(3)
CGI webdist.cgi
2002534
(3)
CGI webgais
2002535
(3)
CGI websendmail
2002536
(2)
CGI win-c-sample.exe
2002537
(4)
CGI wwwboard.pl
2002538
(5)
CGI uploader.exe
2002539
(4)
CGI mlog.html
2002540
(3)
CGI mylog.html
2002541
(0)
CGI snork.bat
2002542
(3)
CGI newdsn.exe
2002543
(3)
FrontPage service.pwd
2002544
(4)
.bash_history URL
2002545
(1)
.url URL type
2002546
(3)
.lnk URL type
2002547
(1)
WebStore admin URL
2002548
(1)
Shopping cart order URL
2002549
(1)
Order Form V1.2 data URL
2002550
(1)
Order Form data URL
2002551
(1)
EZMall data URL
2002552
(1)
QuikStore configuration URL
2002553
(1)
SoftCart password URL
2002554
(3)
Cold Fusion Sample URL
2002555
(4)
favicon.ico bad format
2002556
(1)
Site Server sample URL
2002557
(1)
IIS sample URL
2002558
(1)
IIS password change
2002559
(6)
IIS malformed .HTR request
2002560
(7)
IIS data service query
2002561
(1)
.htaccess URL
2002562
(3)
passwd.txt URL
2002563
(0)
NT system backup URL
2002564
(2)
CGI imagemap.exe
2002565
(3)
adpassword.txt URL
2002566
(1)
CGI whois suspicious field
2002567
(2)
Cold Fusion cache URL
2002568
(4)
IIS malformed HTW request
2002569
(1)
CGI finger.cgi
2002570
(2)
WebSpeed admin URL
2002571
(2)
UBB suspicious posting
2002572
(2)
SubSeven ICQ pager URL
2002573
(1)
Oracle batch file URL
2002574
(2)
sojourn.cgi argument contains %00
2002575
(4)
Index Server null.htw exploit
2002576
(3)
FrontPage extension backdoor URL
2002577
(3)
FrontPage htimage.exe URL
2002578
(3)
InfoSearch CGI exploit
2002579
(2)
Cart32 Clientlist URL
2002580
(2)
Cart32 ChangeAdminPassword URL
2002581
(2)
Listserv CGI exploit
2002582
(3)
Calendar CGI exploit
2002583
(3)
Rockliffe CGI exploit
2002584
(1)
RealServer Denial-of-service URL
2002585
(1)
Java Admin Servlet backdoor URL
2002586
(1)
DOS DoS URL
2002587
(1)
Auction Weaver CGI exploit
2002589
(1)
CGI jj exploit
2002590
(2)
classifieds.cgi
2002591
(2)
BNBSurvey survey.cgi
2002592
(1)
YaBB exploit
2002593
(1)
Webplus CGI exploit
2002594
(5)
Squid cachemgr.cgi
2002595
(3)
IIS system32 command
2002596
(1)
Webevent admin
2002597
(1)
Unify UploadServlet
2002598
(1)
Thinking Arts directory traversal
2002599
(1)
Lotus Domino directory traversal
2002600
(1)
Commerce.cgi directory traversal
2002601
(1)
CGI mailnews suspicious field
2002602
(1)
FrontPage Publishing DoS
2002603
(0)
way-board cgi file access
2002604
(0)
roads cgi file access
2002605
(2)
Hack-a-tack ICQ pager URL
2002606
(2)
Bionet ICQ pager URL
2002607
(6)
IIS .printer overflow
2002608
(3)
ISAPI index extension overflow
2002609
(3)
Y3K ICQ pager URL
2002610
(3)
HTTP Pfdisplay Execute
2002611
(3)
HTTP Pfdisplay Read
2002612
(1)
CART32 expdate
2002614
(1)
Search97.vts
2002619
(0)
Viewexample.cfm
2002678
(1)
showcode.asp
2002701
(1)
SMB passwd file
2002702
(4)
SMB sam file
2002703
(0)
SMB winreg file
2002704
(0)
SMB pwl file type
2002705
(1)
SMB win.ini file
2002706
(1)
Startup file access
2002707
(2)
SMB autoexec.bat file access
2002710
(0)
SMB RICHED20.DLL access
2002752
(1)
Dansie shopping cart
2002801
(3)
MS rpc dump
2002802
(0)
MS share dump
2002803
(1)
MS domain dump
2002804
(1)
MS name lookup
2002805
(1)
MS security ID lookup
2002806
(5)
Malformed LSA request
2002807
(2)
RFPoison attack
2002808
(3)
LsaLookup Denial of Service
2002901
(0)
PPTP malformed
2002902
(4)
IGMP fragments
2002903
(5)
SNTP malformed
2002904
(2)
XDMCP gdm exploit
2002905
(0)
VNC no authentication
2002906
(0)
VCF attachment overflow
2002907
(7)
SNTP overflow
2002908
(1)
Quake Exploit
2002909
(0)
Login Backdoor
2002911
(1)
RADIUS User Overflow
2002912
(0)
RADIUS Pass Overflow
2003001
(2)
HTTP port probe
2003002
(2)
POP3 port probe
2003003
(3)
SMTP port probe
2003004
(1)
FTP port probe
2003005
(3)
IMAP4 port probe
2003006
(2)
TELNET port probe
2003007
(1)
FINGER port probe
2003008
(1)
RLOGIN port probe
2003009
(5)
NetBIOS port probe
2003010
(3)
NNTP port probe
2003011
(1)
DNS TCP port probe
2003012
(2)
PCANYWHERE port probe
2003013
(1)
SQL port probe
2003014
(1)
MSRPC TCP port probe
2003015
(1)
XWINDOWS port probe
2003016
(3)
RPC TCP port probe
2003017
(3)
SOCKS port probe
2003018
(1)
PPTP port probe
2003019
(1)
IRC port probe
2003020
(2)
IDENT port probe
2003021
(3)
Linux conf port probe
2003022
(2)
LPR port probe
2003101
(3)
TCP trojan horse probe
2003102
(2)
TCP port probe
2003103
(1)
Netbus probe
2003104
(0)
Proxy port probe
2003105
(0)
SubSeven port probe
2003106
(1)
T0rn port probe
2003201
(0)
SECURITY/SAM reg hack
2003202
(2)
RUN reg hack
2003203
(1)
RDS reg hack
2003204
(1)
Index Server reg hack
2003205
(3)
NT RASMAN Privilege Escalation attempt
2003206
(3)
LSA Secrets attempt
2003207
(2)
AeDebug reg hack
2003208
(1)
IMail privilege escalation attempt
2003209
(1)
SQL Exec Passwd
2003301
(3)
AOL Instant Messenger overflow
2003302
(2)
AOL w00w00 attack
2003401
(1)
SNMP port probe
2003402
(0)
RPC UDP port probe
2003403
(0)
NFS port probe
2003404
(2)
TFTP port probe
2003405
(0)
MSRPC UDP port probe
2003406
(0)
UDP ECHO port probe
2003407
(0)
CHARGEN port probe
2003408
(0)
QOTD port probe
2003409
(1)
DNS UDP port probe
2003410
(0)
MSDNS port probe
2003411
(0)
NFS-LOCKD port probe
2003412
(1)
Norton Antivirus port probe
2003501
(2)
UDP Trojan Horse probe
2003502
(3)
UDP port probe
2003601
(1)
FTP passwd file
2003602
(5)
FTP sam file
2003604
(0)
FTP pwl file type
2003605
(1)
FTP win.ini file
2003606
(1)
FTP Host File
2003701
(5)
TFTP passwd file
2003702
(5)
TFTP sam file
2003704
(0)
TFTP pwl file type
2003705
(1)
TFTP win.ini file
2003706
(1)
TFTP Host File
2003707
(4)
TFTP Alcatel files
2003801
(0)
HTTP GET passwd file
2003802
(5)
HTTP GET sam file
2003804
(0)
HTTP GET pwl file type
2003806
(1)
HTTP GET AltaVista password
2003901
(1)
HTTP POST passwd file
2003902
(5)
HTTP POST sam file
2003904
(0)
HTTP POST pwl file type
2003905
(1)
HTTP POST win.ini file
2004001
(1)
SOCKS connect
2004002
(0)
SOCKS over SOCKS
2004101
(2)
Java contains Brown Orifice attack
2004201
(2)
HTTP Cross site scripting
2004301
(1)
DHCP Domain Metachar
2004302
(1)
BOOTP File Overflow
2004303
(2)
UPNP NOTIFY overflow
2004401
(2)
SubSeven email
2004402
(2)
Bionet email
2004403
(3)
Y3K email
2004501
(1)
HTTP GET contains xp_cmdshell
2004502
(1)
HTTP POST contains xp_cmdshell
2004503
(1)
HTTP GET contains create%table
2004504
(1)
HTTP POST contains create%table
2004505
(1)
HTTP GET contains group%by
2004506
(1)
HTTP POST contains group%by
2004507
(1)
HTTP GET contains compute%sum
2004508
(1)
HTTP POST contains compute%sum
2004601
(2)
Code Red I
2004602
(2)
Code Red II
2004603
(3)
Code Red II+
2009100
(0)
DNS crack successful
2009201
(1)
ISS Scan
2009202
(0)
CyberCop Scan
2009203
(1)
Nessus Scan
2009204
(1)
Satan Scan
2009205
(1)
Saint Scan
2009206
(1)
Cerebus Scan
2009207
(0)
Retina Scan
2010000-2010999
(0)
User-specified filename
2011000-2011999
(0)
User-specified URL
2012000-2012999
(0)
User-specified email recipient
2013000-2013999
(0)
User-specified email pattern
2014000-2014999
(0)
User-specified MIME-attached filename
2015000-2015999
(0)
User-specified TCP probe port
2016000-2016999
(0)
User-specified UDP probe port
2017000-2017999
(0)
User-specified registry key
2018000-2018999
(0)
User-specified TCP trojan response
2019000-2019999
(0)
User-specified IRC channel name
2020000-2020999
(0)
User-specified Java pattern
2105036
(0)
CSimple.asp overflow
2105037
(0)
HTR localstart overflow
2105038
(0)
SSI safety overflow
2105039
(0)
ISAPI dumpvariables overflow
2106000
(1)
SNMP VACM community
2106006
(1)
SNMP cable-docsis community
2106007
(1)
SNMP ILMI community
2106019
(1)
Dragon-Fire CGI
2106020
(1)
ECware.exe CGI
2106021
(2)
EZshopper loadpage CGI
2106022
(1)
EZshopper search CGI
2106023
(1)
Homefree search CGI
2106030
(1)
PHP CGI overflow
2106033
(1)
rpc-nlog.pl CGI command
2106034
(1)
reg-echo CGI
2106036
(1)
URL ends with ~
2106042
(1)
Cdomain whois_raw.cgi
2106046
(1)
Exair sample ASP
2106053
(1)
URL contains UTF-8 encoding
2106054
(0)
URL contains Unicode > 255
2106056
(0)
URL contains Unicode encoding
2106072
(1)
SNMP bad packet tag
2106073
(1)
SNMP packet underflow
2106074
(1)
SNMP bad version tag
2106075
(1)
SNMP version underflow
2106076
(1)
SNMP bad community tag
2106077
(1)
SNMP community underflow
2106078
(1)
SNMP bad PDU tag
2106079
(1)
SNMP pdu underflow
2106080
(1)
SNMP enterprise invalid
2106081
(1)
SNMP enterprise underflow
2106082
(1)
SNMP trap addr invalid
2106083
(1)
SNMP trap addr underflow
2106084
(1)
SNMP bad generic trap
2106085
(1)
SNMP bad specific trap
2106086
(1)
SNMP bad trap timestamp tag
2106087
(1)
SNMP trap timestamp underflow
2106088
(1)
SNMP bad rqst Id tag
2106089
(1)
SNMP bad err status tag
2106090
(1)
SNMP bad err index tag
2106091
(1)
SNMP bad varbindlist tag
2106092
(1)
SNMP varbindlist underflow
2106093
(1)
SNMP empty packet
2106094
(1)
SNMP int overflow
2106095
(1)
SNMP int underflow
2106096
(1)
SNMP uint overflow
2106097
(1)
SNMP uint underflow
2106098
(1)
SNMP length indefinite
2106099
(1)
SNMP length underflow
2106100
(1)
SNMP long field length
2106101
(1)
SNMP oid underflow
2106102
(1)
SNMP oid overflow
2106103
(1)
SNMP bad varbind tag
2106104
(1)
SNMP varbind underflow
2106105
(1)
SNMP bad oid tag
2106106
(1)
SNMP value underflow
2106107
(1)
SNMP bad version size
2106108
(1)
SNMP bad rqst id
2106109
(1)
SNMP bad err status
2106110
(1)
SNMP bad err index
2106111
(1)
SNMP bad enterprise tag
2106112
(1)
SNMP bad generic trap tag
2106113
(1)
SNMP bad specific trap tag
2106114
(1)
SNMP long oid
2106115
(1)
SNMP null in string
2106116
(1)
SNMP format string
2106117
(1)
SNMP community format
2106118
(1)
SNMP unknown tag
2106119
(1)
SNMP nonzero len null type
2106120
(1)
SNMP counter64
2106121
(1)
SNMP too many vars
2106122
(1)
SNMP null in community
2106151
(2)
MS SQL Slammer Worm
2109001
(1)
Compaq Insight DMI overflow
2113000
(0)
FTP session status DoS
2110005
(25)
2113003
(0)
HTTP IIS ISAPI DoS
2900001
(0)
Application Terminated
2900002
(0)
Application Added
2900003
(0)
Application Communication Blocked
Config
(0)
Configuration parameters
Version appeared:
Privacy Policy
|
Copyright Info
