
[+] Version: psad v2.0

[+] Top 50 signature matches:
      "MISC Radmin Default install options attempt" (tcp),  Count: 12246,  Unique sources: 215,  Sid: 100204
      "MISC Microsoft SQL Server communication attempt" (tcp),  Count: 9841,  Unique sources: 729,  Sid: 100205
      "PSAD-CUSTOM Slammer communication attempt" (udp),  Count: 5979,  Unique sources: 1617,  Sid: 100208
      "ICMP PING" (icmp),  Count: 4877,  Unique sources: 1384,  Sid: 384
      "ICMP PING Sun Solaris" (icmp),  Count: 1766,  Unique sources: 124,  Sid: 381
      "MISC Windows popup spam attempt" (udp),  Count: 1411,  Unique sources: 36,  Sid: 100196
      "BACKDOOR DoomJuice file upload attempt" (tcp),  Count: 738,  Unique sources: 59,  Sid: 2375
      "MISC MS Terminal Server communication attempt" (tcp),  Count: 730,  Unique sources: 12,  Sid: 100077
      "MISC VNC communication attempt" (tcp),  Count: 194,  Unique sources: 7,  Sid: 100202
      "MISC HP Web JetAdmin communication attempt" (tcp),  Count: 164,  Unique sources: 9,  Sid: 100084
      "BACKDOOR netbus Connection Cttempt" (tcp),  Count: 96,  Unique sources: 2,  Sid: 100028
      "BACKDOOR Subseven connection attempt" (tcp),  Count: 78,  Unique sources: 2,  Sid: 100207
      "DOS arkiea backup communication attempt" (tcp),  Count: 71,  Unique sources: 1,  Sid: 282
      "BACKDOOR typot trojan traffic" (tcp),  Count: 37,  Unique sources: 11,  Sid: 2182
      "ICMP traceroute" (icmp),  Count: 33,  Unique sources: 2,  Sid: 385
      "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp),  Count: 28,  Unique sources: 1,  Sid: 100041
      "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp),  Count: 9,  Unique sources: 1,  Sid: 100206
      "P2P napster communication attempt" (tcp),  Count: 6,  Unique sources: 1,  Sid: 100090
      "POLICY vncviewer Java applet communication attempt" (tcp),  Count: 1,  Unique sources: 1,  Sid: 1846
      "RPC portmap listing UDP 32771" (udp),  Count: 1,  Unique sources: 1,  Sid: 1281
      "ICMP Large ICMP Packet" (icmp),  Count: 1,  Unique sources: 1,  Sid: 499

[+] Top 25 attackers:
      82.42.102.90    DL: 2, Packets: 2, Sig count: 1
      172.172.125.249 DL: 2, Packets: 1, Sig count: 1
      222.248.13.38   DL: 2, Packets: 2, Sig count: 1
      81.195.3.202    DL: 2, Packets: 1, Sig count: 1
      63.91.25.179    DL: 2, Packets: 1, Sig count: 1
      221.209.56.17   DL: 2, Packets: 2, Sig count: 1
      211.229.94.192  DL: 2, Packets: 35, Sig count: 35
      146.129.242.30  DL: 2, Packets: 1, Sig count: 1
      201.254.227.2   DL: 2, Packets: 3, Sig count: 3
      69.211.59.234   DL: 2, Packets: 1, Sig count: 1
      81.86.102.64    DL: 2, Packets: 1, Sig count: 1
      195.122.21.119  DL: 2, Packets: 1, Sig count: 1
      220.152.76.204  DL: 2, Packets: 1, Sig count: 1
      222.149.177.224 DL: 2, Packets: 1, Sig count: 1
      210.127.255.156 DL: 2, Packets: 3, Sig count: 3
      84.222.61.42    DL: 2, Packets: 1, Sig count: 1
      220.249.95.131  DL: 2, Packets: 2, Sig count: 1
      218.154.82.100  DL: 2, Packets: 1, Sig count: 2
      85.65.187.234   DL: 2, Packets: 72, Sig count: 72
      66.30.106.216   DL: 2, Packets: 1, Sig count: 1
      66.131.126.31   DL: 2, Packets: 2, Sig count: 1
      207.181.177.58  DL: 2, Packets: 47, Sig count: 47
      211.91.221.208  DL: 2, Packets: 1, Sig count: 1
      63.175.148.150  DL: 2, Packets: 3, Sig count: 3

[+] Top 20 scanned ports:
      tcp 135   56400 packets
      tcp 445   27142 packets
      tcp 139   16510 packets
      tcp 4899  12246 packets
      tcp 1433  9841 packets
      tcp 3306  4786 packets
      tcp 80    3924 packets
      tcp 22    2829 packets
      tcp 42    2413 packets
      tcp 21    1387 packets
      tcp 1025  1215 packets
      tcp 5554  880 packets
      tcp 3389  730 packets
      tcp 25    723 packets
      tcp 3127  638 packets
      tcp 9898  620 packets
      tcp 6129  529 packets
      tcp 6101  493 packets
      tcp 2100  399 packets
      tcp 1023  363 packets


      udp 1434  5979 packets
      udp 137   3448 packets
      udp 1026  907 packets
      udp 514   810 packets
      udp 1027  527 packets
      udp 53    320 packets
      udp 3412  64 packets
      udp 43215 50 packets
      udp 1     46 packets
      udp 135   39 packets
      udp 5093  33 packets
      udp 111   20 packets
      udp 1024  19 packets
      udp 9969  4 packets
      udp 666   3 packets
      udp 1432  2 packets
      udp 14328 2 packets
      udp 13866 1 packets
      udp 7     1 packets
      udp 6195  1 packets

    Netfilter log prefix counters:
      "Drop udp after inbound try": 27
      "OUTBOUND CONN UDP:": 955
      "INBOUND UDP:": 11374
      "Drop TCP after 17 attempts": 14
      "OUTBOUND CONN TCP:": 1664
      "INBOUND TCP:": 160789
      "INBOUND ICMP:": 4877
      "Drop udp after 23 attempts": 35
      "Drop it after inbound try": 1

    Total scan sources: 4205
    Total scan destinations: 70
    Total packet counters: tcp: 40938, udp: 9001, icmp: 4877

[+] IP Status Detail:

SRC:  82.42.102.90, DL: 2, Dsts: 1, Pkts: 2, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.172.125.249, DL: 2, Dsts: 1, Pkts: 1, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.248.13.38, DL: 2, Dsts: 1, Pkts: 4, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.195.3.202, DL: 2, Dsts: 1, Pkts: 2, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.91.25.179, DL: 2, Dsts: 1, Pkts: 3, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.209.56.17, DL: 2, Dsts: 1, Pkts: 7, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.229.94.192, DL: 2, Dsts: 13, Pkts: 280, Unique sigs: 13

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  146.129.242.30, DL: 2, Dsts: 1, Pkts: 5, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.254.227.2, DL: 2, Dsts: 1, Pkts: 41, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.211.59.234, DL: 2, Dsts: 1, Pkts: 3, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.86.102.64, DL: 2, Dsts: 1, Pkts: 4, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.122.21.119, DL: 2, Dsts: 1, Pkts: 5, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.152.76.204, DL: 2, Dsts: 1, Pkts: 6, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.149.177.224, DL: 2, Dsts: 1, Pkts: 6, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.127.255.156, DL: 2, Dsts: 1, Pkts: 44, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.222.61.42, DL: 2, Dsts: 1, Pkts: 7, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.249.95.131, DL: 2, Dsts: 1, Pkts: 52, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.154.82.100, DL: 2, Dsts: 1, Pkts: 8, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  85.65.187.234, DL: 2, Dsts: 24, Pkts: 1980, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.30.106.216, DL: 2, Dsts: 1, Pkts: 9, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.131.126.31, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.181.177.58, DL: 2, Dsts: 24, Pkts: 832, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  211.91.221.208, DL: 2, Dsts: 1, Pkts: 58, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.175.148.150, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.187.118.39, DL: 2, Dsts: 1, Pkts: 59, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.202.205.64, DL: 2, Dsts: 1, Pkts: 8, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.248.3.235, DL: 2, Dsts: 8, Pkts: 108, Unique sigs: 8

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  211.212.230.147, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.105.129.215, DL: 2, Dsts: 1, Pkts: 60, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.177.79.44, DL: 2, Dsts: 24, Pkts: 7658, Unique sigs: 43

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 57-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 57-139 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 57-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 57-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 57-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 57-1433 (11 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 57-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  61.185.75.121, DL: 2, Dsts: 3, Pkts: 63, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.42.156.108, DL: 2, Dsts: 1, Pkts: 23, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.150.117.3, DL: 2, Dsts: 1, Pkts: 24, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  138.73.71.118, DL: 2, Dsts: 1, Pkts: 472, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.88.15.41, DL: 2, Dsts: 1, Pkts: 110, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.211.19.57, DL: 2, Dsts: 3, Pkts: 78, Unique sigs: 3

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.98.20.130, DL: 2, Dsts: 1, Pkts: 28, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.209.82.20, DL: 2, Dsts: 1, Pkts: 29, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.62.145.98, DL: 2, Dsts: 24, Pkts: 16856, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 22-80 (21 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 22-80 (4 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 22-80 (22 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)

SRC:  80.73.209.173, DL: 2, Dsts: 1, Pkts: 30, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.84.78.31, DL: 2, Dsts: 1, Pkts: 111, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.1.110.192, DL: 2, Dsts: 1, Pkts: 922, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.142.70.108, DL: 2, Dsts: 1, Pkts: 112, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.177.153.106, DL: 2, Dsts: 1, Pkts: 1036, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.120.98.50, DL: 2, Dsts: 1, Pkts: 31, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.221.171.21, DL: 2, Dsts: 1, Pkts: 32, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.108.90.23, DL: 2, Dsts: 2, Pkts: 229, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.140.254.50, DL: 2, Dsts: 8, Pkts: 307, Unique sigs: 8

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.116.15.241, DL: 2, Dsts: 1, Pkts: 116, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.174.220.106, DL: 2, Dsts: 1, Pkts: 926, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.249.135.159, DL: 2, Dsts: 1, Pkts: 44, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.128.13.102, DL: 2, Dsts: 1, Pkts: 1044, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.173.187.144, DL: 2, Dsts: 1, Pkts: 118, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.11.200.77, DL: 2, Dsts: 1, Pkts: 45, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.232.176, DL: 2, Dsts: 1, Pkts: 46, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.11.200.59, DL: 2, Dsts: 1, Pkts: 47, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.208.177.186, DL: 2, Dsts: 1, Pkts: 930, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.249.222.67, DL: 2, Dsts: 24, Pkts: 23220, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  221.11.156.218, DL: 2, Dsts: 1, Pkts: 1005, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.251.26.49, DL: 2, Dsts: 1, Pkts: 48, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.17.61.186, DL: 2, Dsts: 2, Pkts: 239, Unique sigs: 4

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  221.168.197.4, DL: 2, Dsts: 1, Pkts: 1008, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.20.115.100, DL: 2, Dsts: 1, Pkts: 1009, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.85.238.186, DL: 2, Dsts: 1, Pkts: 1012, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.74.33.101, DL: 2, Dsts: 1, Pkts: 49, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.40.106.194, DL: 2, Dsts: 1, Pkts: 1015, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.76.67.248, DL: 2, Dsts: 24, Pkts: 25260, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  210.195.12.11, DL: 2, Dsts: 1, Pkts: 50, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  130.239.67.227, DL: 2, Dsts: 1, Pkts: 51, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.243.196.240, DL: 2, Dsts: 1, Pkts: 52, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.106.185.37, DL: 2, Dsts: 1, Pkts: 53, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.118.116.132, DL: 2, Dsts: 24, Pkts: 26583, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  66.60.32.126, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 2

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.164.48.163, DL: 2, Dsts: 1, Pkts: 1129, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  67.126.194.45, DL: 2, Dsts: 2, Pkts: 245, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.240.29.3, DL: 2, Dsts: 2, Pkts: 109, Unique sigs: 2

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  194.179.25.55, DL: 2, Dsts: 2, Pkts: 113, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.113.85, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.191.128.14, DL: 2, Dsts: 2, Pkts: 251, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.184.231.133, DL: 2, Dsts: 1, Pkts: 1131, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.158.63.23, DL: 2, Dsts: 1, Pkts: 58, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.217.79.250, DL: 2, Dsts: 1, Pkts: 59, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.17.180.104, DL: 2, Dsts: 1, Pkts: 1344, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.179.251.125, DL: 2, Dsts: 24, Pkts: 30108, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  4.232.57.228, DL: 2, Dsts: 1, Pkts: 60, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  85.33.107.145, DL: 2, Dsts: 19, Pkts: 24740, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.196.112.117, DL: 2, Dsts: 1, Pkts: 61, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.177.56, DL: 2, Dsts: 8, Pkts: 524, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  151.44.154.244, DL: 2, Dsts: 1, Pkts: 70, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  148.223.119.56, DL: 2, Dsts: 1, Pkts: 71, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.240.122, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.69.63.171, DL: 2, Dsts: 3, Pkts: 2764, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.221.160, DL: 2, Dsts: 1, Pkts: 1452, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  146.145.49.181, DL: 2, Dsts: 24, Pkts: 35638, Unique sigs: 34
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 57-1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.175.7.79, DL: 2, Dsts: 1, Pkts: 103, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.124.104.154, DL: 2, Dsts: 1, Pkts: 104, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.161.252.199, DL: 2, Dsts: 1, Pkts: 105, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.153.220.158, DL: 2, Dsts: 2, Pkts: 1712, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.227.29.211, DL: 2, Dsts: 1, Pkts: 106, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.9.244, DL: 2, Dsts: 1, Pkts: 1561, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.165.172.81, DL: 2, Dsts: 1, Pkts: 158, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.0.241.249, DL: 2, Dsts: 1, Pkts: 108, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  63.28.114.152, DL: 2, Dsts: 1, Pkts: 1407, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.207.26.199, DL: 2, Dsts: 2, Pkts: 219, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.178.57.62, DL: 2, Dsts: 1, Pkts: 159, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.215.154.19, DL: 2, Dsts: 3, Pkts: 4234, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.185.28.106, DL: 2, Dsts: 4, Pkts: 452, Unique sigs: 4

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.38.80, DL: 2, Dsts: 1, Pkts: 1576, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.233.44, DL: 2, Dsts: 1, Pkts: 161, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.125.199.246, DL: 2, Dsts: 1, Pkts: 116, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.209.160.173, DL: 2, Dsts: 24, Pkts: 34599, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.172.23, DL: 2, Dsts: 1, Pkts: 162, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.122.195.88, DL: 2, Dsts: 1, Pkts: 117, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.9.84.90, DL: 2, Dsts: 1, Pkts: 1630, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.173.1, DL: 2, Dsts: 1, Pkts: 164, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.103.25.210, DL: 2, Dsts: 1, Pkts: 118, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.88.40.202, DL: 2, Dsts: 1, Pkts: 165, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.67.128.111, DL: 2, Dsts: 1, Pkts: 1470, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.122.119.10, DL: 2, Dsts: 1, Pkts: 1637, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.218.20.19, DL: 2, Dsts: 1, Pkts: 1474, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.111.62, DL: 2, Dsts: 1, Pkts: 167, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.158.125.107, DL: 2, Dsts: 1, Pkts: 119, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.49.202.91, DL: 2, Dsts: 24, Pkts: 36276, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  199.232.230.61, DL: 2, Dsts: 1, Pkts: 120, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.211.163.97, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.214.25.70, DL: 2, Dsts: 1, Pkts: 122, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.185.167.232, DL: 2, Dsts: 1, Pkts: 1548, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  149.156.162.162, DL: 2, Dsts: 1, Pkts: 123, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.153.17.136, DL: 2, Dsts: 2, Pkts: 3105, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.167.51.110, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.189.18.33, DL: 2, Dsts: 24, Pkts: 37855, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077

SRC:  218.0.6.200, DL: 2, Dsts: 14, Pkts: 22477, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  203.136.78.157, DL: 2, Dsts: 1, Pkts: 125, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.228.91.98, DL: 2, Dsts: 1, Pkts: 126, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.86.10.224, DL: 2, Dsts: 1, Pkts: 1615, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.200.8.200, DL: 2, Dsts: 24, Pkts: 41540, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.74.187.61, DL: 2, Dsts: 1, Pkts: 1654, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  220.169.225.120, DL: 2, Dsts: 1, Pkts: 1656, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.252.32.213, DL: 2, Dsts: 1, Pkts: 190, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.217.26.190, DL: 2, Dsts: 1, Pkts: 127, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.184.238.22, DL: 2, Dsts: 1, Pkts: 1659, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.21.207.148, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.194.178.154, DL: 2, Dsts: 1, Pkts: 191, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.7.136.60, DL: 2, Dsts: 18, Pkts: 30267, Unique sigs: 18
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.18.123.98, DL: 2, Dsts: 1, Pkts: 192, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.232.144.26, DL: 2, Dsts: 2, Pkts: 387, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.13.12.241, DL: 2, Dsts: 1, Pkts: 1703, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  213.102.116.29, DL: 2, Dsts: 1, Pkts: 129, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.31.113.242, DL: 2, Dsts: 22, Pkts: 37934, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.89.167.87, DL: 2, Dsts: 1, Pkts: 1941, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.143.29.129, DL: 2, Dsts: 5, Pkts: 660, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.226.110.175, DL: 2, Dsts: 4, Pkts: 6999, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3128 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80 (1 packets)

SRC:  202.105.237.238, DL: 2, Dsts: 1, Pkts: 1755, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.81.249.81, DL: 2, Dsts: 1, Pkts: 196, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.207.207.104, DL: 2, Dsts: 1, Pkts: 135, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.175.54, DL: 2, Dsts: 1, Pkts: 1955, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.105.109, DL: 2, Dsts: 1, Pkts: 198, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.1.28.141, DL: 2, Dsts: 2, Pkts: 273, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.157.38.51, DL: 2, Dsts: 1, Pkts: 138, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.111.51.139, DL: 2, Dsts: 2, Pkts: 279, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.216.143.184, DL: 2, Dsts: 1, Pkts: 141, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.237.125.81, DL: 2, Dsts: 1, Pkts: 1761, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.104.102.101, DL: 2, Dsts: 1, Pkts: 199, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  24.6.97.6, DL: 2, Dsts: 1, Pkts: 200, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.159.62.131, DL: 2, Dsts: 2, Pkts: 285, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.249.126.194, DL: 2, Dsts: 2, Pkts: 289, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.47.200.225, DL: 2, Dsts: 1, Pkts: 1965, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.216.239.180, DL: 2, Dsts: 1, Pkts: 1767, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.75.196.34, DL: 2, Dsts: 1, Pkts: 202, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.198.203.151, DL: 2, Dsts: 1, Pkts: 1973, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.115.46.225, DL: 2, Dsts: 2, Pkts: 3952, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.87.128.114, DL: 2, Dsts: 1, Pkts: 1775, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.145.33.88, DL: 2, Dsts: 1, Pkts: 146, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.126.173.200, DL: 2, Dsts: 1, Pkts: 147, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.68.2.151, DL: 2, Dsts: 1, Pkts: 148, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  134.215.203.97, DL: 2, Dsts: 1, Pkts: 149, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.1.241.118, DL: 2, Dsts: 24, Pkts: 43475, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  63.159.64.101, DL: 2, Dsts: 2, Pkts: 2052, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.13.28.104, DL: 2, Dsts: 1, Pkts: 207, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.90.79.73, DL: 2, Dsts: 1, Pkts: 208, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.0.1.204, DL: 2, Dsts: 24, Pkts: 45051, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.71.143.195, DL: 2, Dsts: 1, Pkts: 150, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.172.91.251, DL: 2, Dsts: 1, Pkts: 1908, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  219.147.35.20, DL: 2, Dsts: 1, Pkts: 151, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.120.43.12, DL: 2, Dsts: 1, Pkts: 2120, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.245.100.225, DL: 2, Dsts: 1, Pkts: 1920, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.52.27.87, DL: 2, Dsts: 1, Pkts: 152, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.183.169.120, DL: 2, Dsts: 1, Pkts: 210, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.134.87.154, DL: 2, Dsts: 1, Pkts: 2136, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80-135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  63.27.198.226, DL: 2, Dsts: 1, Pkts: 1927, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.21.200.212, DL: 2, Dsts: 1, Pkts: 153, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.4.135, DL: 2, Dsts: 7, Pkts: 1099, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  11.11.79.71, DL: 2, Dsts: 2, Pkts: 340, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (18 packets)

SRC:  62.126.79.89, DL: 2, Dsts: 1, Pkts: 181, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  221.137.217.236, DL: 2, Dsts: 1, Pkts: 1929, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.126.136.90, DL: 2, Dsts: 1, Pkts: 182, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.107.69.197, DL: 2, Dsts: 2, Pkts: 4292, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.148.207.102, DL: 2, Dsts: 1, Pkts: 183, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.108.170.13, DL: 2, Dsts: 1, Pkts: 184, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.66.70.158, DL: 2, Dsts: 1, Pkts: 185, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.8.111, DL: 2, Dsts: 1, Pkts: 2151, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.132.36.10, DL: 2, Dsts: 2, Pkts: 373, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.249.130.235, DL: 2, Dsts: 1, Pkts: 216, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  134.215.193.203, DL: 2, Dsts: 1, Pkts: 188, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.204.6.220, DL: 2, Dsts: 1, Pkts: 217, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.63.73.136, DL: 2, Dsts: 3, Pkts: 5814, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.3.108.133, DL: 2, Dsts: 1, Pkts: 1942, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.247.54.63, DL: 2, Dsts: 1, Pkts: 189, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.27.12.28, DL: 2, Dsts: 1, Pkts: 218, Unique sigs: 1

    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.166.185.183, DL: 2, Dsts: 1, Pkts: 219, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.134.33.26, DL: 2, Dsts: 1, Pkts: 220, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.194.40.220, DL: 2, Dsts: 1, Pkts: 2173, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.48.163.141, DL: 2, Dsts: 2, Pkts: 4352, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.109.142.75, DL: 2, Dsts: 1, Pkts: 190, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.196.165.47, DL: 2, Dsts: 24, Pkts: 47777, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  213.66.95.232, DL: 2, Dsts: 1, Pkts: 191, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.217.80.65, DL: 2, Dsts: 1, Pkts: 2028, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.30.125.150, DL: 2, Dsts: 1, Pkts: 192, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.8.132.160, DL: 2, Dsts: 1, Pkts: 2031, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.196.201.54, DL: 2, Dsts: 1, Pkts: 193, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.62.85.66, DL: 2, Dsts: 24, Pkts: 49644, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  220.189.91.241, DL: 2, Dsts: 1, Pkts: 2105, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  151.25.187.179, DL: 2, Dsts: 1, Pkts: 194, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.231.68.216, DL: 2, Dsts: 1, Pkts: 195, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.219.238.132, DL: 2, Dsts: 23, Pkts: 4905, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.88.42.138, DL: 2, Dsts: 1, Pkts: 2108, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.126.79.105, DL: 2, Dsts: 1, Pkts: 231, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  221.193.87.128, DL: 2, Dsts: 24, Pkts: 6717, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208

SRC:  63.159.64.133, DL: 2, Dsts: 1, Pkts: 224, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.237.81, DL: 2, Dsts: 1, Pkts: 2336, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.25.38.114, DL: 2, Dsts: 1, Pkts: 327, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.168.137.78, DL: 2, Dsts: 1, Pkts: 2114, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  148.244.80.234, DL: 2, Dsts: 1, Pkts: 328, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.77.219.232, DL: 2, Dsts: 1, Pkts: 329, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.240.6.212, DL: 2, Dsts: 1, Pkts: 330, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.76.241.176, DL: 2, Dsts: 2, Pkts: 663, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.141.0.92, DL: 2, Dsts: 1, Pkts: 2343, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.142.9.13, DL: 2, Dsts: 1, Pkts: 2345, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.148.189.16, DL: 2, Dsts: 24, Pkts: 51732, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.185.77.25, DL: 2, Dsts: 1, Pkts: 333, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.131.169.234, DL: 2, Dsts: 1, Pkts: 228, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.134.108.182, DL: 2, Dsts: 1, Pkts: 334, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.155.209.122, DL: 2, Dsts: 1, Pkts: 229, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.182.187.88, DL: 2, Dsts: 2, Pkts: 4389, Unique sigs: 2

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.75.170, DL: 2, Dsts: 1, Pkts: 335, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.89.74.31, DL: 2, Dsts: 3, Pkts: 6601, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  220.234.165.209, DL: 2, Dsts: 1, Pkts: 230, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.190.64.113, DL: 2, Dsts: 1, Pkts: 231, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.158.54.204, DL: 2, Dsts: 24, Pkts: 53892, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.149.57.155, DL: 2, Dsts: 2, Pkts: 673, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.111.214.219, DL: 2, Dsts: 1, Pkts: 2283, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  151.28.37.163, DL: 2, Dsts: 1, Pkts: 346, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.191.88.231, DL: 2, Dsts: 1, Pkts: 2516, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.0.47.70, DL: 2, Dsts: 1, Pkts: 2518, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.109.122.59, DL: 2, Dsts: 1, Pkts: 2286, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084

SRC:  63.89.132.59, DL: 2, Dsts: 1, Pkts: 234, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  204.76.166.50, DL: 2, Dsts: 1, Pkts: 2522, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.145.144.150, DL: 2, Dsts: 1, Pkts: 347, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.131.239.67, DL: 2, Dsts: 24, Pkts: 55766, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.8.29.43, DL: 2, Dsts: 1, Pkts: 2595, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  165.247.169.89, DL: 2, Dsts: 1, Pkts: 348, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.46.36.138, DL: 2, Dsts: 1, Pkts: 349, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.82.226.55, DL: 2, Dsts: 22, Pkts: 52492, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.185.78.92, DL: 2, Dsts: 1, Pkts: 350, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.211.33.115, DL: 2, Dsts: 1, Pkts: 2413, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  195.69.252.158, DL: 2, Dsts: 1, Pkts: 351, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.86.103.84, DL: 2, Dsts: 1, Pkts: 2653, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.167.45.159, DL: 2, Dsts: 24, Pkts: 63199, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.176.188.59, DL: 2, Dsts: 1, Pkts: 396, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.138.113.81, DL: 2, Dsts: 1, Pkts: 397, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.122.46.11, DL: 2, Dsts: 1, Pkts: 2516, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  217.99.37.60, DL: 2, Dsts: 1, Pkts: 398, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.21.91.169, DL: 2, Dsts: 1, Pkts: 399, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.115.184.109, DL: 2, Dsts: 24, Pkts: 61284, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.15.1.37, DL: 2, Dsts: 2, Pkts: 801, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.222.203.46, DL: 2, Dsts: 1, Pkts: 402, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.178.216, DL: 2, Dsts: 1, Pkts: 2861, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.24.201.203, DL: 2, Dsts: 1, Pkts: 2864, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.208.221.49, DL: 2, Dsts: 1, Pkts: 403, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.83.32.8, DL: 2, Dsts: 24, Pkts: 62943, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.138.121.186, DL: 2, Dsts: 24, Pkts: 64332, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  193.136.201.209, DL: 2, Dsts: 1, Pkts: 404, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.204.170.14, DL: 2, Dsts: 1, Pkts: 2718, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.184.144.145, DL: 2, Dsts: 1, Pkts: 2987, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.39.232.33, DL: 2, Dsts: 1, Pkts: 405, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.156.4.44, DL: 2, Dsts: 1, Pkts: 2724, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.52.36.187, DL: 2, Dsts: 1, Pkts: 2726, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.189.208.108, DL: 2, Dsts: 1, Pkts: 3026, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  128.9.160.251, DL: 2, Dsts: 9, Pkts: 2448, Unique sigs: 18

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  4.255.66.180, DL: 2, Dsts: 1, Pkts: 406, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.191.74.30, DL: 2, Dsts: 1, Pkts: 407, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.233.26, DL: 2, Dsts: 1, Pkts: 277, Unique sigs: 1

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.121.0.76, DL: 2, Dsts: 1, Pkts: 408, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.78.135.194, DL: 2, Dsts: 1, Pkts: 278, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.62.142, DL: 2, Dsts: 1, Pkts: 279, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.149.84.98, DL: 2, Dsts: 24, Pkts: 66657, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  148.221.200.22, DL: 2, Dsts: 1, Pkts: 409, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.214.17.203, DL: 2, Dsts: 1, Pkts: 410, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.94.194, DL: 2, Dsts: 1, Pkts: 280, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.132.46.108, DL: 2, Dsts: 1, Pkts: 281, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.234.109.38, DL: 2, Dsts: 1, Pkts: 282, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.79.210.104, DL: 2, Dsts: 1, Pkts: 411, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.184.132.15, DL: 2, Dsts: 1, Pkts: 412, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.101.244.34, DL: 2, Dsts: 1, Pkts: 283, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  138.89.146.101, DL: 2, Dsts: 1, Pkts: 413, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.243.106.2, DL: 2, Dsts: 1, Pkts: 414, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.21.124.106, DL: 2, Dsts: 1, Pkts: 415, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.21.6.89, DL: 2, Dsts: 2, Pkts: 833, Unique sigs: 2

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.175.158.17, DL: 2, Dsts: 1, Pkts: 3080, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.238.115.119, DL: 2, Dsts: 1, Pkts: 285, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.195.18.5, DL: 2, Dsts: 1, Pkts: 418, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.190.212.250, DL: 2, Dsts: 4, Pkts: 1682, Unique sigs: 4

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.249.123.35, DL: 2, Dsts: 1, Pkts: 423, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.59.246.136, DL: 2, Dsts: 1, Pkts: 286, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.40.56.50, DL: 2, Dsts: 1, Pkts: 424, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.201.177.254, DL: 2, Dsts: 1, Pkts: 287, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.187.40.103, DL: 2, Dsts: 1, Pkts: 425, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.197.81.72, DL: 2, Dsts: 3, Pkts: 9273, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.174.60.196, DL: 2, Dsts: 24, Pkts: 67895, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.18.64.31, DL: 2, Dsts: 1, Pkts: 293, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.171.214.120, DL: 2, Dsts: 1, Pkts: 2857, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.245.226.216, DL: 2, Dsts: 6, Pkts: 2571, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.158.219.3, DL: 2, Dsts: 1, Pkts: 432, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.113.206.151, DL: 2, Dsts: 1, Pkts: 2860, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.203.53.137, DL: 2, Dsts: 1, Pkts: 2863, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  128.87.251.168, DL: 2, Dsts: 3, Pkts: 885, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.214.153.170, DL: 2, Dsts: 1, Pkts: 2866, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.8.16, DL: 2, Dsts: 24, Pkts: 15572, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (16 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 16, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (18 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 18, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (19 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 19, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (16 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 16, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (18 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 18, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (18 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 18, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (18 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 18, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (14 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 14, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (16 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 16, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (18 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 18, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (19 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 19, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (20 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 20, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (20 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 20, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (16 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 16, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (19 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 19, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (19 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 19, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (16 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 16, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (20 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 20, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (17 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 17, DP: 1434, Sid: 100208

SRC:  211.155.28.235, DL: 2, Dsts: 1, Pkts: 2868, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.18.26.15, DL: 2, Dsts: 1, Pkts: 297, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.94.219.230, DL: 2, Dsts: 1, Pkts: 855, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  85.76.31.80, DL: 2, Dsts: 1, Pkts: 856, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.228.96.30, DL: 2, Dsts: 1, Pkts: 857, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  214.227.158.125, DL: 2, Dsts: 1, Pkts: 2893, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (25 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 25, DP: 31105, SYN, Sid: 2182

SRC:  218.62.18.218, DL: 2, Dsts: 1, Pkts: 298, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.170.228.240, DL: 2, Dsts: 1, Pkts: 299, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.191.134.233, DL: 2, Dsts: 6, Pkts: 5163, Unique sigs: 6

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.190.71.171, DL: 2, Dsts: 24, Pkts: 70324, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.76.38.242, DL: 2, Dsts: 1, Pkts: 864, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.245.4.16, DL: 2, Dsts: 1, Pkts: 2967, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.161.249.165, DL: 2, Dsts: 2, Pkts: 1731, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.98.122.227, DL: 2, Dsts: 1, Pkts: 867, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.65.99.135, DL: 2, Dsts: 1, Pkts: 868, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  163.178.108.19, DL: 2, Dsts: 1, Pkts: 869, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.203.229.242, DL: 2, Dsts: 1, Pkts: 2969, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  222.144.98.217, DL: 2, Dsts: 3, Pkts: 2613, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.71.196.233, DL: 2, Dsts: 1, Pkts: 300, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  206.217.239.244, DL: 2, Dsts: 1, Pkts: 873, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  204.101.215.98, DL: 2, Dsts: 1, Pkts: 874, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.221.139.154, DL: 2, Dsts: 24, Pkts: 72156, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.65.45.130, DL: 2, Dsts: 1, Pkts: 301, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.91.101.108, DL: 2, Dsts: 1, Pkts: 3042, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.15.125.130, DL: 2, Dsts: 2, Pkts: 605, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.183.2.231, DL: 2, Dsts: 1, Pkts: 3347, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.186.247.210, DL: 2, Dsts: 1, Pkts: 3046, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  216.37.120.50, DL: 2, Dsts: 3, Pkts: 10071, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.219.52.20, DL: 2, Dsts: 1, Pkts: 875, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.120.252.205, DL: 2, Dsts: 1, Pkts: 876, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.98.88.3, DL: 2, Dsts: 20, Pkts: 61484, Unique sigs: 20
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.165.62.3, DL: 2, Dsts: 1, Pkts: 877, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.84.194.194, DL: 2, Dsts: 1, Pkts: 878, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.123.215.114, DL: 2, Dsts: 2, Pkts: 1759, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.69.0.45, DL: 2, Dsts: 1, Pkts: 881, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.131.119.154, DL: 2, Dsts: 1, Pkts: 3409, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.225.43.33, DL: 2, Dsts: 1, Pkts: 882, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  198.216.120.15, DL: 2, Dsts: 1, Pkts: 312, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.97.131.228, DL: 2, Dsts: 5, Pkts: 15508, Unique sigs: 5

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.17.214.135, DL: 2, Dsts: 1, Pkts: 313, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.52.46.192, DL: 2, Dsts: 1, Pkts: 3106, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  213.101.75.150, DL: 2, Dsts: 1, Pkts: 883, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.108.207.120, DL: 2, Dsts: 3, Pkts: 2655, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.159.16.32, DL: 2, Dsts: 1, Pkts: 887, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.157.32.70, DL: 2, Dsts: 4, Pkts: 9647, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.88.66.133, DL: 2, Dsts: 1, Pkts: 315, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.155.69.121, DL: 2, Dsts: 24, Pkts: 75636, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  80.63.59.10, DL: 2, Dsts: 2, Pkts: 7016, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80-135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  67.203.253.250, DL: 2, Dsts: 1, Pkts: 888, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.80.5.85, DL: 2, Dsts: 1, Pkts: 319, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.155.158.191, DL: 2, Dsts: 1, Pkts: 889, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.183.119.170, DL: 2, Dsts: 1, Pkts: 890, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.42.205.41, DL: 2, Dsts: 1, Pkts: 891, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.150.61.20, DL: 2, Dsts: 7, Pkts: 6266, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  218.28.131.201, DL: 2, Dsts: 1, Pkts: 3196, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.164.227.163, DL: 2, Dsts: 1, Pkts: 900, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.113.5.153, DL: 2, Dsts: 1, Pkts: 901, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.71.25, DL: 2, Dsts: 1, Pkts: 320, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.8.63.210, DL: 2, Dsts: 1, Pkts: 3530, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.88.224.95, DL: 2, Dsts: 1, Pkts: 322, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.153, DL: 2, Dsts: 3, Pkts: 2709, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.91.80.167, DL: 2, Dsts: 24, Pkts: 79860, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  80.8.39.21, DL: 2, Dsts: 1, Pkts: 905, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.40.87.109, DL: 2, Dsts: 9, Pkts: 8190, Unique sigs: 9

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.125.115.30, DL: 2, Dsts: 2, Pkts: 647, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.148.79.3, DL: 2, Dsts: 1, Pkts: 915, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.48.48.136, DL: 2, Dsts: 1, Pkts: 916, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.183.77.227, DL: 2, Dsts: 14, Pkts: 12929, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.171.184.63, DL: 2, Dsts: 1, Pkts: 931, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.90.85.16, DL: 2, Dsts: 1, Pkts: 932, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.147.52.188, DL: 2, Dsts: 2, Pkts: 1867, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.209.47.3, DL: 2, Dsts: 24, Pkts: 84916, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  219.18.168.84, DL: 2, Dsts: 1, Pkts: 935, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.196.129, DL: 2, Dsts: 1, Pkts: 325, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.104.200.154, DL: 2, Dsts: 1, Pkts: 936, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.228.159, DL: 2, Dsts: 1, Pkts: 326, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.177.18.161, DL: 2, Dsts: 1, Pkts: 937, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.166.64.211, DL: 2, Dsts: 24, Pkts: 90808, Unique sigs: 47
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.67.175.106, DL: 2, Dsts: 1, Pkts: 938, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.11.163.65, DL: 2, Dsts: 2, Pkts: 703, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.5.133.169, DL: 2, Dsts: 1, Pkts: 939, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.170.236, DL: 2, Dsts: 1, Pkts: 940, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.166.245.20, DL: 2, Dsts: 2, Pkts: 7239, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  199.64.0.252, DL: 2, Dsts: 1, Pkts: 354, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  221.127.7.14, DL: 2, Dsts: 2, Pkts: 1883, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.158.253.136, DL: 2, Dsts: 1, Pkts: 943, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.62.40, DL: 2, Dsts: 1, Pkts: 355, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.160.55.12, DL: 2, Dsts: 1, Pkts: 944, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.219.171.57, DL: 2, Dsts: 1, Pkts: 945, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.4.218.49, DL: 2, Dsts: 16, Pkts: 59249, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (16 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 16, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (7 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 7, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (20 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 20, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204

SRC:  203.200.123.83, DL: 2, Dsts: 1, Pkts: 946, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.3.180.19, DL: 2, Dsts: 3, Pkts: 2844, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.39.207.243, DL: 2, Dsts: 1, Pkts: 950, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  163.27.149.108, DL: 2, Dsts: 1, Pkts: 356, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.108.83.56, DL: 2, Dsts: 1, Pkts: 3751, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.94.69.201, DL: 2, Dsts: 2, Pkts: 715, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.138.167.241, DL: 2, Dsts: 23, Pkts: 86839, Unique sigs: 23
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  220.117.25.16, DL: 2, Dsts: 1, Pkts: 3800, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.148.131.10, DL: 2, Dsts: 1, Pkts: 951, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.6.123.66, DL: 2, Dsts: 2, Pkts: 1905, Unique sigs: 2

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.144.136.26, DL: 2, Dsts: 1, Pkts: 3802, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.191.161.103, DL: 2, Dsts: 1, Pkts: 359, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.62.51.220, DL: 2, Dsts: 2, Pkts: 721, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.249.232.228, DL: 2, Dsts: 1, Pkts: 362, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.120.128.46, DL: 2, Dsts: 1, Pkts: 4168, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.182.146.84, DL: 2, Dsts: 1, Pkts: 4170, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.57.141.5, DL: 2, Dsts: 1, Pkts: 365, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.120.45.7, DL: 2, Dsts: 24, Pkts: 92244, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  67.176.141.219, DL: 2, Dsts: 2, Pkts: 1909, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.48.144, DL: 2, Dsts: 1, Pkts: 4247, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.61.87.218, DL: 2, Dsts: 1, Pkts: 4249, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.171.10.236, DL: 2, Dsts: 1, Pkts: 3885, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.94.182.84, DL: 2, Dsts: 1, Pkts: 3886, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  10.80.5.142, DL: 2, Dsts: 1, Pkts: 368, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.173.65.45, DL: 2, Dsts: 1, Pkts: 956, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.158.152.163, DL: 2, Dsts: 22, Pkts: 96503, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384

SRC:  218.22.158.189, DL: 2, Dsts: 1, Pkts: 4504, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.18.235.217, DL: 2, Dsts: 1, Pkts: 502, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.108.2.213, DL: 2, Dsts: 24, Pkts: 96972, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.65.35.49, DL: 2, Dsts: 2, Pkts: 1915, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.102.193.21, DL: 2, Dsts: 1, Pkts: 503, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  200.176.24.220, DL: 2, Dsts: 2, Pkts: 8155, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  213.45.235.28, DL: 2, Dsts: 1, Pkts: 959, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.23.163.199, DL: 2, Dsts: 1, Pkts: 4583, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.44.109.192, DL: 2, Dsts: 1, Pkts: 960, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  146.64.254.76, DL: 2, Dsts: 1, Pkts: 505, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.45.105.67, DL: 2, Dsts: 1, Pkts: 961, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.93.73.126, DL: 2, Dsts: 1, Pkts: 962, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  165.247.89.122, DL: 2, Dsts: 1, Pkts: 963, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.30.216.50, DL: 2, Dsts: 24, Pkts: 98796, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  210.7.9.122, DL: 2, Dsts: 1, Pkts: 4152, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  84.235.46.167, DL: 2, Dsts: 1, Pkts: 964, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.234.136.226, DL: 2, Dsts: 15, Pkts: 14580, Unique sigs: 15

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.83, DL: 2, Dsts: 1, Pkts: 981, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  202.157.41.52, DL: 2, Dsts: 1, Pkts: 982, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.245.247.196, DL: 2, Dsts: 1, Pkts: 4661, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.196.152, DL: 2, Dsts: 2, Pkts: 9334, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  151.41.6.7, DL: 2, Dsts: 1, Pkts: 983, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.232.67, DL: 2, Dsts: 1, Pkts: 509, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.66.202.117, DL: 2, Dsts: 1, Pkts: 4672, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.17.139.219, DL: 2, Dsts: 1, Pkts: 4676, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.222.48.130, DL: 2, Dsts: 2, Pkts: 1971, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.130.215.52, DL: 2, Dsts: 1, Pkts: 512, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.144.65.171, DL: 2, Dsts: 1, Pkts: 987, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.219.119.236, DL: 2, Dsts: 24, Pkts: 102228, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.93.96.23, DL: 2, Dsts: 1, Pkts: 513, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.18.41.125, DL: 2, Dsts: 1, Pkts: 514, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.91.137.244, DL: 2, Dsts: 24, Pkts: 103649, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  172.175.77.14, DL: 2, Dsts: 1, Pkts: 988, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.62.196, DL: 2, Dsts: 2, Pkts: 1979, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.155.158.221, DL: 2, Dsts: 1, Pkts: 991, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.158.91.167, DL: 2, Dsts: 1, Pkts: 992, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.187.238.128, DL: 2, Dsts: 9, Pkts: 39114, Unique sigs: 9

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 17300 (1 packets)
        Signature match: "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 17300, SYN, Sid: 100206

SRC:  63.159.48.129, DL: 2, Dsts: 1, Pkts: 515, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.176.98.250, DL: 2, Dsts: 1, Pkts: 4479, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.200.187.197, DL: 2, Dsts: 24, Pkts: 107796, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.7.225.5, DL: 2, Dsts: 1, Pkts: 516, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.97.234.38, DL: 2, Dsts: 2, Pkts: 1987, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.122.250.11, DL: 2, Dsts: 1, Pkts: 5021, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.176.160.140, DL: 2, Dsts: 1, Pkts: 4506, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.113.127.73, DL: 2, Dsts: 1, Pkts: 995, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.28.163.19, DL: 2, Dsts: 1, Pkts: 4509, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.72.165.26, DL: 2, Dsts: 1, Pkts: 996, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.216.11.68, DL: 2, Dsts: 1, Pkts: 5028, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.6.162.19, DL: 2, Dsts: 3, Pkts: 15096, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.109.122.23, DL: 2, Dsts: 1, Pkts: 4516, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084

SRC:  63.17.153.207, DL: 2, Dsts: 1, Pkts: 5041, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.196.182, DL: 2, Dsts: 1, Pkts: 523, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.79.199.235, DL: 2, Dsts: 1, Pkts: 5046, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.34.74, DL: 2, Dsts: 1, Pkts: 997, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  80.65.244.234, DL: 2, Dsts: 6, Pkts: 6003, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.153.30.177, DL: 2, Dsts: 1, Pkts: 5048, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.237.225.76, DL: 2, Dsts: 1, Pkts: 1004, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.188.151.248, DL: 2, Dsts: 1, Pkts: 526, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.164.15.180, DL: 2, Dsts: 24, Pkts: 24572, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  24.8.126.16, DL: 2, Dsts: 1, Pkts: 1044, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.187.201.94, DL: 2, Dsts: 1, Pkts: 5053, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.144.67.230, DL: 2, Dsts: 5, Pkts: 5235, Unique sigs: 5

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.148.131.59, DL: 2, Dsts: 1, Pkts: 1050, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.54.110.105, DL: 2, Dsts: 1, Pkts: 1051, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.26.191.182, DL: 2, Dsts: 24, Pkts: 109393, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.19.161.170, DL: 2, Dsts: 1, Pkts: 4593, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.94.52.189, DL: 2, Dsts: 1, Pkts: 5124, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.180.174.131, DL: 2, Dsts: 1, Pkts: 529, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  4.227.239.248, DL: 2, Dsts: 1, Pkts: 1052, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.201.9.238, DL: 2, Dsts: 1, Pkts: 4598, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  68.60.161.71, DL: 2, Dsts: 3, Pkts: 3162, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.0.239.235, DL: 2, Dsts: 1, Pkts: 1056, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.40.121.169, DL: 2, Dsts: 1, Pkts: 4610, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1080-3128 (12 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3128, SYN, Sid: 2375

SRC:  218.34.193.49, DL: 2, Dsts: 1, Pkts: 1057, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.76.156, DL: 2, Dsts: 1, Pkts: 1058, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.77.207.203, DL: 2, Dsts: 1, Pkts: 1059, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.18.77.113, DL: 2, Dsts: 1, Pkts: 530, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.142.94.45, DL: 2, Dsts: 1, Pkts: 531, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  159.226.99.25, DL: 2, Dsts: 8, Pkts: 8508, Unique sigs: 8

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.171.65.16, DL: 2, Dsts: 2, Pkts: 1065, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.16.144.188, DL: 2, Dsts: 1, Pkts: 534, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.201.250.7, DL: 2, Dsts: 1, Pkts: 535, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  222.88.59.11, DL: 2, Dsts: 1, Pkts: 536, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.207.26.187, DL: 2, Dsts: 1, Pkts: 1068, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.91.103.230, DL: 2, Dsts: 1, Pkts: 1069, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.96.34.75, DL: 2, Dsts: 1, Pkts: 1070, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.202.33.226, DL: 2, Dsts: 1, Pkts: 5148, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.214.210.234, DL: 2, Dsts: 1, Pkts: 1071, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.60.5.74, DL: 2, Dsts: 1, Pkts: 1072, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.133.240.116, DL: 2, Dsts: 2, Pkts: 5689, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.139.76.48, DL: 2, Dsts: 1, Pkts: 4613, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  70.182.70.227, DL: 2, Dsts: 1, Pkts: 1073, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.23.48.36, DL: 2, Dsts: 2, Pkts: 5695, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.107, DL: 2, Dsts: 12, Pkts: 12954, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.74.252.227, DL: 2, Dsts: 1, Pkts: 5157, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.201.135.127, DL: 2, Dsts: 1, Pkts: 1086, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.126.249.121, DL: 2, Dsts: 1, Pkts: 1087, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.100.241, DL: 2, Dsts: 1, Pkts: 543, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.188.130.65, DL: 2, Dsts: 1, Pkts: 1088, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.242.18.225, DL: 2, Dsts: 2, Pkts: 2180, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  212.199.10.73, DL: 2, Dsts: 24, Pkts: 111660, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  80.99.97.179, DL: 2, Dsts: 24, Pkts: 113379, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.82.153.226, DL: 2, Dsts: 1, Pkts: 5303, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.139.177.170, DL: 2, Dsts: 1, Pkts: 1092, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.255.46.190, DL: 2, Dsts: 1, Pkts: 545, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP Large ICMP Packet" (icmp), Chain: FORWARD, Count: 1, Sid: 499

SRC:  212.31.125.227, DL: 2, Dsts: 1, Pkts: 546, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.66.44.2, DL: 2, Dsts: 1, Pkts: 547, Unique sigs: 2

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  217.41.38.211, DL: 2, Dsts: 3, Pkts: 3282, Unique sigs: 3

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.71, DL: 2, Dsts: 1, Pkts: 1097, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  63.188.9.202, DL: 2, Dsts: 2, Pkts: 5859, Unique sigs: 2

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.225.16.98, DL: 2, Dsts: 1, Pkts: 4765, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  61.18.61.5, DL: 2, Dsts: 1, Pkts: 550, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.1.21.14, DL: 2, Dsts: 1, Pkts: 551, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  204.102.106.54, DL: 2, Dsts: 1, Pkts: 5318, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.14.193.122, DL: 2, Dsts: 1, Pkts: 1098, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.31.247.51, DL: 2, Dsts: 1, Pkts: 1099, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.161.120.174, DL: 2, Dsts: 1, Pkts: 1100, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.186.32.94, DL: 2, Dsts: 1, Pkts: 4785, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80-6129 (19 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  66.243.36.140, DL: 2, Dsts: 1, Pkts: 5341, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.8.80.174, DL: 2, Dsts: 2, Pkts: 9588, Unique sigs: 2
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  219.146.177.150, DL: 2, Dsts: 1, Pkts: 1101, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.153.135.145, DL: 2, Dsts: 1, Pkts: 4799, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.79.147.212, DL: 2, Dsts: 1, Pkts: 1102, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.8.37.51, DL: 2, Dsts: 1, Pkts: 1103, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.237.31.36, DL: 2, Dsts: 3, Pkts: 3315, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.242.73, DL: 2, Dsts: 1, Pkts: 554, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.75.135.137, DL: 2, Dsts: 24, Pkts: 116006, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.18.136.52, DL: 2, Dsts: 1, Pkts: 555, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.158.253.9, DL: 2, Dsts: 1, Pkts: 556, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.206.134.210, DL: 2, Dsts: 19, Pkts: 93406, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (7 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (18 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-1433 (21 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.150.1.46, DL: 2, Dsts: 1, Pkts: 1107, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.228.87.170, DL: 2, Dsts: 1, Pkts: 1108, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.201.76.58, DL: 2, Dsts: 2, Pkts: 2219, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.129.68.212, DL: 2, Dsts: 1, Pkts: 1111, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.125, DL: 2, Dsts: 2, Pkts: 2225, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.244.9.146, DL: 2, Dsts: 2, Pkts: 9993, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.41.29.88, DL: 2, Dsts: 1, Pkts: 1114, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.122.238.114, DL: 2, Dsts: 24, Pkts: 139318, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (26 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 4, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 6, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (38 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 6, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (45 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (31 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 4, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (24 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 3, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (37 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 7, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 7, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (37 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 6, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (55 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 7, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 7, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (42 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (34 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (42 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (30 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 4, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (42 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (14 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 3, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 4, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (52 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 7, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 7, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (17 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-445 (36 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 4, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (31 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 3, Sid: 381

SRC:  60.2.19.44, DL: 2, Dsts: 2, Pkts: 2231, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.157.14.246, DL: 2, Dsts: 24, Pkts: 139075, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  61.91.97.119, DL: 2, Dsts: 1, Pkts: 1117, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.148.218.27, DL: 2, Dsts: 1, Pkts: 6514, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.84.154.85, DL: 2, Dsts: 1, Pkts: 5852, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  219.145.163.155, DL: 2, Dsts: 1, Pkts: 1118, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  143.127.3.10, DL: 2, Dsts: 1, Pkts: 6517, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.187.101.91, DL: 2, Dsts: 1, Pkts: 5856, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  172.148.176.105, DL: 2, Dsts: 1, Pkts: 1119, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.76.217, DL: 2, Dsts: 2, Pkts: 2241, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  146.64.118.224, DL: 2, Dsts: 1, Pkts: 665, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  204.49.32.16, DL: 2, Dsts: 1, Pkts: 6523, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.91.160.109, DL: 2, Dsts: 1, Pkts: 1122, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.28.184.206, DL: 2, Dsts: 1, Pkts: 6527, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.19.246.202, DL: 2, Dsts: 1, Pkts: 6531, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.148.116.235, DL: 2, Dsts: 1, Pkts: 5866, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.145.12.75, DL: 2, Dsts: 1, Pkts: 1123, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.191.73.143, DL: 2, Dsts: 2, Pkts: 2249, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.152.178.137, DL: 2, Dsts: 1, Pkts: 1126, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  133.205.236.193, DL: 2, Dsts: 1, Pkts: 5869, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  209.77.221.4, DL: 2, Dsts: 1, Pkts: 669, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  146.64.55.201, DL: 2, Dsts: 1, Pkts: 670, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.143.39.170, DL: 2, Dsts: 1, Pkts: 6543, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.54.41, DL: 2, Dsts: 1, Pkts: 1127, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.0.7.188, DL: 2, Dsts: 1, Pkts: 672, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.35.35.31, DL: 2, Dsts: 1, Pkts: 1128, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.85.71.169, DL: 2, Dsts: 1, Pkts: 5875, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.233.143.113, DL: 2, Dsts: 1, Pkts: 1129, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.192.47.67, DL: 2, Dsts: 1, Pkts: 1130, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.143.208.200, DL: 2, Dsts: 1, Pkts: 5876, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  4.245.155.183, DL: 2, Dsts: 1, Pkts: 5879, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.26.249.189, DL: 2, Dsts: 1, Pkts: 673, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.194.86.35, DL: 2, Dsts: 1, Pkts: 1131, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.1.217.163, DL: 2, Dsts: 1, Pkts: 5882, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  70.18.35.253, DL: 2, Dsts: 1, Pkts: 1132, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.28, DL: 2, Dsts: 1, Pkts: 1134, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  221.191.79.206, DL: 2, Dsts: 1, Pkts: 1135, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.8.13.87, DL: 2, Dsts: 1, Pkts: 1136, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.230.144.219, DL: 2, Dsts: 24, Pkts: 142060, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 617 (2 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 617, SYN, Sid: 282
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 617 (3 packets)
        Signature match: "DOS arkiea backup communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 617, SYN, Sid: 282

SRC:  60.44.196.115, DL: 2, Dsts: 1, Pkts: 1137, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.253.231.215, DL: 2, Dsts: 1, Pkts: 674, Unique sigs: 2

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.235.188.46, DL: 2, Dsts: 1, Pkts: 6629, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.136.201.155, DL: 2, Dsts: 1, Pkts: 1138, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.243.76.151, DL: 2, Dsts: 24, Pkts: 143540, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  66.130.129.53, DL: 2, Dsts: 1, Pkts: 6010, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.89.163.150, DL: 2, Dsts: 1, Pkts: 676, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.206.171, DL: 2, Dsts: 1, Pkts: 677, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.176.157.10, DL: 2, Dsts: 1, Pkts: 6689, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.79.5, DL: 2, Dsts: 1, Pkts: 1139, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.173.168.199, DL: 2, Dsts: 1, Pkts: 679, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.18.52.228, DL: 2, Dsts: 1, Pkts: 680, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.12.187.129, DL: 2, Dsts: 1, Pkts: 6012, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.119.104.249, DL: 2, Dsts: 1, Pkts: 1140, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.185.174.208, DL: 2, Dsts: 2, Pkts: 7376, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.26.169.62, DL: 2, Dsts: 1, Pkts: 6015, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  203.40.197.34, DL: 2, Dsts: 1, Pkts: 6018, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  199.243.92.52, DL: 2, Dsts: 1, Pkts: 1141, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  11.11.133.84, DL: 2, Dsts: 24, Pkts: 154798, Unique sigs: 24, local IP!

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (40 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 40, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (30 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 30, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (33 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 33, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (27 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 27, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (51 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 51, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (24 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 24, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (30 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 30, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (36 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 36, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (36 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 36, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (36 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 36, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (27 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 27, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (21 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 21, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (54 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 54, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (33 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 33, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (54 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 54, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (36 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 36, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (21 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 21, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (24 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 24, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (54 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 54, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (27 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 27, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (33 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 33, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (42 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 42, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (39 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 39, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (22 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 22, DP: 1433, SYN, Sid: 100205

SRC:  218.190.152.100, DL: 2, Dsts: 1, Pkts: 1142, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  139.142.185.124, DL: 2, Dsts: 24, Pkts: 27790, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  202.99.177.207, DL: 2, Dsts: 24, Pkts: 30303, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208

SRC:  80.73.209.245, DL: 2, Dsts: 1, Pkts: 1345, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  198.216.127.97, DL: 2, Dsts: 1, Pkts: 683, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.12.0.150, DL: 2, Dsts: 1, Pkts: 1346, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.165.33.170, DL: 2, Dsts: 1, Pkts: 6850, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  68.255.166.250, DL: 2, Dsts: 1, Pkts: 1347, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.199.101.142, DL: 2, Dsts: 1, Pkts: 1348, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.133.96.47, DL: 2, Dsts: 1, Pkts: 1349, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.156.252.147, DL: 2, Dsts: 1, Pkts: 684, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.65.178.125, DL: 2, Dsts: 1, Pkts: 1350, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.239.218.113, DL: 2, Dsts: 1, Pkts: 685, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.18.27, DL: 2, Dsts: 1, Pkts: 686, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  145.98.126.42, DL: 2, Dsts: 1, Pkts: 1351, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.149.150.98, DL: 2, Dsts: 1, Pkts: 1352, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.134.81.34, DL: 2, Dsts: 1, Pkts: 687, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  68.249.154.73, DL: 2, Dsts: 24, Pkts: 165300, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  200.140.182.10, DL: 2, Dsts: 1, Pkts: 1353, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.212.111.169, DL: 2, Dsts: 1, Pkts: 1354, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.156.80.25, DL: 2, Dsts: 1, Pkts: 6977, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.99.170, DL: 2, Dsts: 1, Pkts: 689, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  210.95.191.130, DL: 2, Dsts: 24, Pkts: 168340, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.30.139.50, DL: 2, Dsts: 1, Pkts: 690, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.0.61.32, DL: 2, Dsts: 24, Pkts: 169867, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202

SRC:  219.156.70.21, DL: 2, Dsts: 24, Pkts: 171267, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  65.192.137.40, DL: 2, Dsts: 2, Pkts: 2711, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  58.0.77.3, DL: 2, Dsts: 1, Pkts: 1357, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.176.242.100, DL: 2, Dsts: 1, Pkts: 7854, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.237.168.126, DL: 2, Dsts: 24, Pkts: 172812, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.175.43.122, DL: 2, Dsts: 1, Pkts: 7237, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  67.105.174.162, DL: 2, Dsts: 2, Pkts: 2717, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.6.123.39, DL: 2, Dsts: 2, Pkts: 2721, Unique sigs: 2

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.81.243.88, DL: 2, Dsts: 1, Pkts: 692, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.154.167.75, DL: 2, Dsts: 1, Pkts: 7238, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  219.130.18.214, DL: 2, Dsts: 1, Pkts: 693, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.6.145.16, DL: 2, Dsts: 1, Pkts: 694, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.78.200.178, DL: 2, Dsts: 1, Pkts: 1362, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.186.17.47, DL: 2, Dsts: 1, Pkts: 7936, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.66.254.23, DL: 2, Dsts: 1, Pkts: 1363, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.164.101.56, DL: 2, Dsts: 1, Pkts: 696, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.5.183.43, DL: 2, Dsts: 1, Pkts: 697, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.21.25.224, DL: 2, Dsts: 1, Pkts: 698, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.105.210.91, DL: 2, Dsts: 24, Pkts: 186159, Unique sigs: 48
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-80 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-80 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381

SRC:  67.163.199.3, DL: 2, Dsts: 1, Pkts: 1364, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.5.144.105, DL: 2, Dsts: 1, Pkts: 746, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.9.158.146, DL: 2, Dsts: 1, Pkts: 1365, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.97.133.225, DL: 2, Dsts: 1, Pkts: 747, Unique sigs: 2

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.23.113.14, DL: 2, Dsts: 1, Pkts: 748, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.151.251.79, DL: 2, Dsts: 2, Pkts: 8934, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.83.158.204, DL: 2, Dsts: 22, Pkts: 30283, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  210.245.191.87, DL: 2, Dsts: 7, Pkts: 9737, Unique sigs: 7

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.194.206.178, DL: 2, Dsts: 3, Pkts: 4188, Unique sigs: 3

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.78.74.214, DL: 2, Dsts: 1, Pkts: 751, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.251.167.229, DL: 2, Dsts: 2, Pkts: 14879, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.199.215.3, DL: 2, Dsts: 3, Pkts: 2259, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.1.162.44, DL: 2, Dsts: 1, Pkts: 7445, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (4 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 4, DP: 3127, SYN, Sid: 2375

SRC:  218.12.208.218, DL: 2, Dsts: 1, Pkts: 1398, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.240.46.218, DL: 2, Dsts: 1, Pkts: 1399, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.77.223.70, DL: 2, Dsts: 1, Pkts: 8201, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.44.132.154, DL: 2, Dsts: 1, Pkts: 1400, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.59.26.75, DL: 2, Dsts: 1, Pkts: 1401, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.81.98.207, DL: 2, Dsts: 1, Pkts: 1402, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.213.220.227, DL: 2, Dsts: 3, Pkts: 9718, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.177.16.13, DL: 2, Dsts: 1, Pkts: 1403, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.116.62.161, DL: 2, Dsts: 1, Pkts: 1404, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  59.33.8.112, DL: 2, Dsts: 1, Pkts: 7449, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  208.180.171.86, DL: 2, Dsts: 24, Pkts: 184603, Unique sigs: 26

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-445 (2 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 57-445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (1 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-445 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57-445 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (2 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  199.212.12.2, DL: 2, Dsts: 1, Pkts: 8288, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.203.96.132, DL: 2, Dsts: 1, Pkts: 7512, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.13.129.190, DL: 2, Dsts: 1, Pkts: 778, Unique sigs: 1

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.107.80.161, DL: 2, Dsts: 1, Pkts: 779, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.145.253.51, DL: 2, Dsts: 1, Pkts: 1427, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.78.15.155, DL: 2, Dsts: 1, Pkts: 780, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.48.96.81, DL: 2, Dsts: 1, Pkts: 1428, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.156.76.39, DL: 2, Dsts: 1, Pkts: 8296, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.119.54.161, DL: 2, Dsts: 2, Pkts: 2859, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.143.208.125, DL: 2, Dsts: 1, Pkts: 1431, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.19.229.20, DL: 2, Dsts: 1, Pkts: 1432, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.27.16.176, DL: 2, Dsts: 1, Pkts: 1433, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.13.109.234, DL: 2, Dsts: 1, Pkts: 8300, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.58.239.54, DL: 2, Dsts: 21, Pkts: 158447, Unique sigs: 21
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.139.51.227, DL: 2, Dsts: 1, Pkts: 8354, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.58.179.146, DL: 2, Dsts: 24, Pkts: 182604, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  69.209.45.2, DL: 2, Dsts: 1, Pkts: 8428, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.132.46.9, DL: 2, Dsts: 1, Pkts: 785, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.99.123.67, DL: 2, Dsts: 24, Pkts: 195522, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.189.208.230, DL: 2, Dsts: 1, Pkts: 8506, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.171.174.124, DL: 2, Dsts: 24, Pkts: 195242, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 10, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 10, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 11, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 11, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 13, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 13, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 16, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 16, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 15, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 15, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 12, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 12, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 18, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 18, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 15, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 15, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 11, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 11, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 10, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 10, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 11, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 11, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 13, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 13, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 16, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 16, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 12, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 12, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 12, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 12, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (14 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 13, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 13, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 15, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 15, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (16 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 13, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 13, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 12, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 12, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (16 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 11, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 11, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (23 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 11, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 11, Sid: 381
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 17, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 17, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 14, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 14, Sid: 381

SRC:  165.194.127.250, DL: 2, Dsts: 1, Pkts: 1120, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  24.185.65.98, DL: 2, Dsts: 2, Pkts: 2869, Unique sigs: 2

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.207.75, DL: 2, Dsts: 1, Pkts: 1121, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.95.223.4, DL: 2, Dsts: 2, Pkts: 18136, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.199.160.158, DL: 2, Dsts: 1, Pkts: 1436, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.248.222.104, DL: 2, Dsts: 2, Pkts: 15934, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.90.139.102, DL: 2, Dsts: 22, Pkts: 175940, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.89.134.82, DL: 2, Dsts: 1, Pkts: 1437, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.178.187, DL: 2, Dsts: 6, Pkts: 8643, Unique sigs: 6

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.104.78.127, DL: 2, Dsts: 1, Pkts: 1124, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.75.19.178, DL: 2, Dsts: 1, Pkts: 9154, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.64.200.63, DL: 2, Dsts: 1, Pkts: 8037, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.23.11.177, DL: 2, Dsts: 1, Pkts: 8040, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.255.35.169, DL: 2, Dsts: 1, Pkts: 1126, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.89.102.108, DL: 2, Dsts: 1, Pkts: 1444, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.54.34.79, DL: 2, Dsts: 1, Pkts: 1127, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.210.14.138, DL: 2, Dsts: 1, Pkts: 1445, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.193.93.151, DL: 2, Dsts: 1, Pkts: 1446, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.249.23.12, DL: 2, Dsts: 24, Pkts: 193850, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  82.49.137.225, DL: 2, Dsts: 2, Pkts: 16225, Unique sigs: 2

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  203.109.97.231, DL: 2, Dsts: 1, Pkts: 8116, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.201.221.234, DL: 2, Dsts: 1, Pkts: 1128, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  194.151.116.5, DL: 2, Dsts: 1, Pkts: 1447, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.57.191, DL: 2, Dsts: 4, Pkts: 5798, Unique sigs: 4

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.166.81.250, DL: 2, Dsts: 1, Pkts: 1452, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.89.168.121, DL: 2, Dsts: 1, Pkts: 9248, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  199.203.36.141, DL: 2, Dsts: 1, Pkts: 1130, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.0.162.80, DL: 2, Dsts: 23, Pkts: 187580, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  195.29.104.55, DL: 2, Dsts: 1, Pkts: 1453, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.147.178.176, DL: 2, Dsts: 6, Pkts: 49189, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.111.76, DL: 2, Dsts: 1, Pkts: 1131, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.61.56, DL: 2, Dsts: 1, Pkts: 1132, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.144.78.244, DL: 2, Dsts: 5, Pkts: 7280, Unique sigs: 5

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.76.137.210, DL: 2, Dsts: 1, Pkts: 1133, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.130.196.53, DL: 2, Dsts: 24, Pkts: 254066, Unique sigs: 47

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (11 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (11 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (11 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.154.159.190, DL: 2, Dsts: 2, Pkts: 10820, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  200.50.11.109, DL: 2, Dsts: 2, Pkts: 2329, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.134.70.66, DL: 2, Dsts: 1, Pkts: 1528, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.6.92.182, DL: 2, Dsts: 24, Pkts: 204804, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.110.49.5, DL: 2, Dsts: 1, Pkts: 8569, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  217.204.59.69, DL: 2, Dsts: 3, Pkts: 12071, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.80.162.218, DL: 2, Dsts: 1, Pkts: 1529, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.213.246, DL: 2, Dsts: 1, Pkts: 9742, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.144.246.44, DL: 2, Dsts: 2, Pkts: 17151, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.103.236.106, DL: 2, Dsts: 1, Pkts: 1530, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.155.29.105, DL: 2, Dsts: 1, Pkts: 1531, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.238.54.42, DL: 2, Dsts: 1, Pkts: 8579, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.164.66.92, DL: 2, Dsts: 3, Pkts: 25752, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  219.138.208.86, DL: 2, Dsts: 1, Pkts: 9758, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.98.192.199, DL: 2, Dsts: 1, Pkts: 1532, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.101.10.22, DL: 2, Dsts: 1, Pkts: 9760, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.254.236.9, DL: 2, Dsts: 1, Pkts: 1533, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.27.15.236, DL: 2, Dsts: 1, Pkts: 1172, Unique sigs: 1

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  205.236.31.245, DL: 2, Dsts: 2, Pkts: 2347, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.239.176.19, DL: 2, Dsts: 2, Pkts: 3069, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.168.69.150, DL: 2, Dsts: 1, Pkts: 9765, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.126.79.73, DL: 2, Dsts: 1, Pkts: 1537, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  203.88.38.145, DL: 2, Dsts: 1, Pkts: 8592, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  194.130.15.200, DL: 2, Dsts: 23, Pkts: 226205, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.27.9.157, DL: 2, Dsts: 1, Pkts: 1199, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.2.220.58, DL: 2, Dsts: 1, Pkts: 9860, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.54.137.10, DL: 2, Dsts: 2, Pkts: 3077, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.169.111.8, DL: 2, Dsts: 1, Pkts: 8663, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  200.64.220.40, DL: 2, Dsts: 1, Pkts: 1540, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.90.96.41, DL: 2, Dsts: 1, Pkts: 1201, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.247.243, DL: 2, Dsts: 1, Pkts: 10004, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.157.114.171, DL: 2, Dsts: 1, Pkts: 1203, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.34.20.159, DL: 2, Dsts: 1, Pkts: 8805, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  209.149.179.172, DL: 2, Dsts: 1, Pkts: 1204, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.254.62.61, DL: 2, Dsts: 1, Pkts: 8808, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.137.117.87, DL: 2, Dsts: 1, Pkts: 1205, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.206.117.177, DL: 2, Dsts: 1, Pkts: 1541, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.190.134.46, DL: 2, Dsts: 1, Pkts: 1542, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.102.30.18, DL: 2, Dsts: 1, Pkts: 1206, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.12.189.27, DL: 2, Dsts: 1, Pkts: 1543, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.221.121.234, DL: 2, Dsts: 1, Pkts: 1544, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.142, DL: 2, Dsts: 2, Pkts: 3091, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.136.81.37, DL: 2, Dsts: 1, Pkts: 8976, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.130.164.134, DL: 2, Dsts: 24, Pkts: 216612, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  208.251.84.253, DL: 2, Dsts: 1, Pkts: 1207, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.59.63.103, DL: 2, Dsts: 22, Pkts: 199892, Unique sigs: 22
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  200.168.109.144, DL: 2, Dsts: 1, Pkts: 9120, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  193.146.196.219, DL: 2, Dsts: 12, Pkts: 18630, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.78, DL: 2, Dsts: 2, Pkts: 3119, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.210.198.145, DL: 2, Dsts: 1, Pkts: 1561, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.139.47.78, DL: 2, Dsts: 1, Pkts: 1208, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.34.91.61, DL: 2, Dsts: 1, Pkts: 1209, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.1.162.11, DL: 2, Dsts: 1, Pkts: 1562, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.192.222.50, DL: 2, Dsts: 1, Pkts: 10339, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.8.36.125, DL: 2, Dsts: 18, Pkts: 28958, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208

SRC:  66.131.92.208, DL: 2, Dsts: 1, Pkts: 1652, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.51.149.135, DL: 2, Dsts: 1, Pkts: 10341, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  165.247.175.115, DL: 2, Dsts: 1, Pkts: 1653, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.206.135.197, DL: 2, Dsts: 1, Pkts: 1654, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.116.34.20, DL: 2, Dsts: 1, Pkts: 1212, Unique sigs: 2

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.173.41.56, DL: 2, Dsts: 1, Pkts: 1213, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.48.7.215, DL: 2, Dsts: 1, Pkts: 10345, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.128, DL: 2, Dsts: 3, Pkts: 4968, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.248.71.4, DL: 2, Dsts: 1, Pkts: 1658, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.127.14.195, DL: 2, Dsts: 1, Pkts: 1659, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.100.197.118, DL: 2, Dsts: 1, Pkts: 10347, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.144.75.17, DL: 2, Dsts: 5, Pkts: 37774, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (1 packets)

SRC:  63.246.66.188, DL: 2, Dsts: 1, Pkts: 1217, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.185.128.172, DL: 2, Dsts: 23, Pkts: 210914, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  68.127.171.14, DL: 2, Dsts: 1, Pkts: 1218, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  24.185.194.47, DL: 2, Dsts: 2, Pkts: 3321, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  128.9.168.45, DL: 2, Dsts: 8, Pkts: 9780, Unique sigs: 16

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  200.65.135.123, DL: 2, Dsts: 1, Pkts: 9200, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.216.254.180, DL: 2, Dsts: 1, Pkts: 9201, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.191.104.69, DL: 2, Dsts: 1, Pkts: 1227, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.81.28.134, DL: 2, Dsts: 1, Pkts: 1228, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.86.252.208, DL: 2, Dsts: 1, Pkts: 1662, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.7.39.84, DL: 2, Dsts: 22, Pkts: 203128, Unique sigs: 22

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.183.136.179, DL: 2, Dsts: 1, Pkts: 1229, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.99.197.89, DL: 2, Dsts: 1, Pkts: 1663, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.13.165.64, DL: 2, Dsts: 1, Pkts: 10490, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.238.98, DL: 2, Dsts: 1, Pkts: 1231, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.57.225.109, DL: 2, Dsts: 1, Pkts: 1664, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.88.18.201, DL: 2, Dsts: 18, Pkts: 167023, Unique sigs: 18
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.18.109.201, DL: 2, Dsts: 2, Pkts: 10532, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.152.47.133, DL: 2, Dsts: 1, Pkts: 1665, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.84.98.30, DL: 2, Dsts: 1, Pkts: 1666, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.139.237.17, DL: 2, Dsts: 1, Pkts: 10534, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.188.189.63, DL: 2, Dsts: 1, Pkts: 9302, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  218.11.199.114, DL: 2, Dsts: 2, Pkts: 3335, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.226.50.24, DL: 2, Dsts: 17, Pkts: 158564, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80-8080 (4 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3128-8080 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-8080 (2 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80-3128 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3128-8080 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80-8080 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80-8080 (4 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80-8080 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3128-8080 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3128-8080 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80-8080 (2 packets)

SRC:  201.8.6.59, DL: 2, Dsts: 1, Pkts: 9350, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  206.225.87.173, DL: 2, Dsts: 8, Pkts: 13380, Unique sigs: 8

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.161.89.251, DL: 2, Dsts: 1, Pkts: 9353, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.214.221.195, DL: 2, Dsts: 24, Pkts: 225372, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  203.156.119.161, DL: 2, Dsts: 1, Pkts: 9428, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.21.185.2, DL: 2, Dsts: 1, Pkts: 10672, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.86.160.183, DL: 2, Dsts: 1, Pkts: 1677, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.230.128.201, DL: 2, Dsts: 1, Pkts: 1678, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.141.6.218, DL: 2, Dsts: 1, Pkts: 1679, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.148.43.110, DL: 2, Dsts: 1, Pkts: 9440, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  66.236.13.106, DL: 2, Dsts: 1, Pkts: 10678, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.14.84.211, DL: 2, Dsts: 1, Pkts: 1680, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.7.249, DL: 2, Dsts: 1, Pkts: 1681, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.47.227.50, DL: 2, Dsts: 1, Pkts: 10682, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.128.149.103, DL: 2, Dsts: 23, Pkts: 246955, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  217.75.54.34, DL: 2, Dsts: 24, Pkts: 229395, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.37.91.30, DL: 2, Dsts: 1, Pkts: 1682, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.9.176, DL: 2, Dsts: 2, Pkts: 2567, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.139.177.214, DL: 2, Dsts: 2, Pkts: 3367, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.62.8, DL: 2, Dsts: 1, Pkts: 1285, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.45.108.27, DL: 2, Dsts: 1, Pkts: 1685, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.155.176.7, DL: 2, Dsts: 2, Pkts: 19173, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.230.135.85, DL: 2, Dsts: 1, Pkts: 1286, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.129.169.67, DL: 2, Dsts: 1, Pkts: 1686, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.89.96.24, DL: 2, Dsts: 1, Pkts: 10876, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.149.151.30, DL: 2, Dsts: 1, Pkts: 1687, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.10.223.63, DL: 2, Dsts: 1, Pkts: 1688, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.212.166, DL: 2, Dsts: 1, Pkts: 1288, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.164.118.150, DL: 2, Dsts: 1, Pkts: 1689, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.233.80.29, DL: 2, Dsts: 1, Pkts: 9591, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  200.147.48.209, DL: 2, Dsts: 1, Pkts: 9594, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.244.230.110, DL: 2, Dsts: 1, Pkts: 9595, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  207.177.16.45, DL: 2, Dsts: 1, Pkts: 1690, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.236.250.132, DL: 2, Dsts: 1, Pkts: 10885, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.129.77, DL: 2, Dsts: 1, Pkts: 1691, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.179.144.211, DL: 2, Dsts: 1, Pkts: 9597, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  12.72.231.2, DL: 2, Dsts: 1, Pkts: 1692, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  58.0.73.147, DL: 2, Dsts: 1, Pkts: 1693, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.192.109, DL: 2, Dsts: 1, Pkts: 1290, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.76.225.47, DL: 2, Dsts: 1, Pkts: 1694, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.76.251.202, DL: 2, Dsts: 1, Pkts: 9600, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.50.52.86, DL: 2, Dsts: 1, Pkts: 1695, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.113.73.217, DL: 2, Dsts: 1, Pkts: 1696, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.18.141.105, DL: 2, Dsts: 24, Pkts: 252571, Unique sigs: 47

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 666-60666 (3 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 2, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 666-60666 (3 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 2, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 666 (1 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 666-60666 (3 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 2, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 666-60666 (2 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 1, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 666-60666 (3 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 2, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 666-60666 (3 packets)
        Signature match: "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp), Chain: FORWARD, Count: 2, DP: 666, SYN, Sid: 100041
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.152.148.100, DL: 2, Dsts: 1, Pkts: 1315, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.183.86.76, DL: 2, Dsts: 1, Pkts: 10961, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.234.6.91, DL: 2, Dsts: 1, Pkts: 10965, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.188.41.194, DL: 2, Dsts: 1, Pkts: 10969, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.17.131.3, DL: 2, Dsts: 1, Pkts: 10973, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.193.69.46, DL: 2, Dsts: 4, Pkts: 6795, Unique sigs: 4

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  11.11.133.41, DL: 2, Dsts: 13, Pkts: 125977, Unique sigs: 1, local IP!

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1025 (2 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1025 (2 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1025-6129 (12 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1025 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1025-6129 (12 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1025-6129 (13 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1025-6129 (17 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)

SRC:  221.218.64.114, DL: 2, Dsts: 1, Pkts: 9742, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  212.145.200.43, DL: 2, Dsts: 1, Pkts: 1702, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.200.176.30, DL: 2, Dsts: 24, Pkts: 41855, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  61.185.76.233, DL: 2, Dsts: 1, Pkts: 1784, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.1.64.83, DL: 2, Dsts: 1, Pkts: 1320, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.17.77.33, DL: 2, Dsts: 1, Pkts: 1321, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.55.23.76, DL: 2, Dsts: 1, Pkts: 9745, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.192.179.1, DL: 2, Dsts: 1, Pkts: 1322, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.6.242.147, DL: 2, Dsts: 4, Pkts: 7146, Unique sigs: 4

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.228.128.112, DL: 2, Dsts: 1, Pkts: 1789, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.1.91.192, DL: 2, Dsts: 1, Pkts: 1790, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.22.201.163, DL: 2, Dsts: 1, Pkts: 9758, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  212.68.251.73, DL: 2, Dsts: 1, Pkts: 9759, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  67.84.194.48, DL: 2, Dsts: 1, Pkts: 1791, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.189.246.51, DL: 2, Dsts: 1, Pkts: 1792, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.72.129.140, DL: 2, Dsts: 1, Pkts: 9762, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.133.155.86, DL: 2, Dsts: 1, Pkts: 11088, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.210.114.52, DL: 2, Dsts: 1, Pkts: 1793, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.91.229.65, DL: 2, Dsts: 1, Pkts: 1794, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  148.208.160.100, DL: 2, Dsts: 1, Pkts: 1795, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.211.176, DL: 2, Dsts: 2, Pkts: 3593, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.58.237, DL: 2, Dsts: 1, Pkts: 1324, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.143.147.180, DL: 2, Dsts: 1, Pkts: 11091, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.147.46.90, DL: 2, Dsts: 1, Pkts: 1798, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.48.5.179, DL: 2, Dsts: 1, Pkts: 1326, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.248.62.169, DL: 2, Dsts: 1, Pkts: 9769, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.13.158.96, DL: 2, Dsts: 1, Pkts: 1799, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.131.187.135, DL: 2, Dsts: 1, Pkts: 1800, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.147.190.214, DL: 2, Dsts: 24, Pkts: 259311, Unique sigs: 47
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.209.157.19, DL: 2, Dsts: 1, Pkts: 1801, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.142.73.95, DL: 2, Dsts: 1, Pkts: 1802, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.242.211, DL: 2, Dsts: 1, Pkts: 1803, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.136.194.5, DL: 2, Dsts: 1, Pkts: 1804, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.70.91, DL: 2, Dsts: 4, Pkts: 7226, Unique sigs: 4

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  128.9.160.82, DL: 2, Dsts: 4, Pkts: 5418, Unique sigs: 8

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  219.147.35.18, DL: 2, Dsts: 1, Pkts: 1809, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.76.233.44, DL: 2, Dsts: 1, Pkts: 11334, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.22.177.22, DL: 2, Dsts: 1, Pkts: 11336, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.225.61.172, DL: 2, Dsts: 1, Pkts: 9981, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.240.173.150, DL: 2, Dsts: 1, Pkts: 1359, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  216.231.164.75, DL: 2, Dsts: 24, Pkts: 240120, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  165.24.5.66, DL: 2, Dsts: 3, Pkts: 4087, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  192.168.1.17, DL: 2, Dsts: 1, Pkts: 1365, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.56.8.238, DL: 2, Dsts: 1, Pkts: 11394, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.191.228.20, DL: 2, Dsts: 1, Pkts: 10030, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  81.134.173.238, DL: 2, Dsts: 1, Pkts: 1810, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.56.239.36, DL: 2, Dsts: 1, Pkts: 10032, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  11.11.133.104, DL: 2, Dsts: 4, Pkts: 40191, Unique sigs: 1, local IP!

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1025-5554 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 5554 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)

SRC:  64.32.97.6, DL: 2, Dsts: 1, Pkts: 1811, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.170.151, DL: 2, Dsts: 24, Pkts: 44146, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  12.41.68.150, DL: 2, Dsts: 1, Pkts: 11423, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.100.55.219, DL: 2, Dsts: 3, Pkts: 5607, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.161.76.150, DL: 2, Dsts: 1, Pkts: 1871, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.97.196.97, DL: 2, Dsts: 9, Pkts: 16884, Unique sigs: 9

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.58.160.138, DL: 2, Dsts: 1, Pkts: 11427, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.66.14.161, DL: 2, Dsts: 1, Pkts: 1881, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.90.89.108, DL: 2, Dsts: 1, Pkts: 1882, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  206.244.183.74, DL: 2, Dsts: 1, Pkts: 1369, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  208.57.191.112, DL: 2, Dsts: 4, Pkts: 35685, Unique sigs: 4

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.169.90.209, DL: 2, Dsts: 1, Pkts: 1883, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.11.17.100, DL: 2, Dsts: 1, Pkts: 11442, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.149.56.98, DL: 2, Dsts: 2, Pkts: 3769, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.42.126, DL: 2, Dsts: 1, Pkts: 1378, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.183.70.126, DL: 2, Dsts: 1, Pkts: 1886, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.118.63.206, DL: 2, Dsts: 1, Pkts: 1887, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.169.160.68, DL: 2, Dsts: 1, Pkts: 11447, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.80.18.94, DL: 2, Dsts: 1, Pkts: 1888, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.141.50.101, DL: 2, Dsts: 1, Pkts: 1889, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.172.168, DL: 2, Dsts: 2, Pkts: 2761, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.171.69.220, DL: 2, Dsts: 18, Pkts: 57326, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.161.250.77, DL: 2, Dsts: 1, Pkts: 10071, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.113.168.56, DL: 2, Dsts: 1, Pkts: 10074, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.1.193.206, DL: 2, Dsts: 1, Pkts: 10087, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80-6129 (13 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  4.246.42.235, DL: 2, Dsts: 1, Pkts: 1910, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.130.169.87, DL: 2, Dsts: 1, Pkts: 11488, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.227.240.229, DL: 2, Dsts: 2, Pkts: 3823, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.190.108.142, DL: 2, Dsts: 1, Pkts: 10089, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  213.77.146.78, DL: 2, Dsts: 1, Pkts: 1913, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.52.64.90, DL: 2, Dsts: 2, Pkts: 3829, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.25.210.167, DL: 2, Dsts: 1, Pkts: 1916, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.75.106.250, DL: 2, Dsts: 1, Pkts: 11491, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.135.200.19, DL: 2, Dsts: 1, Pkts: 1402, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.130.213.51, DL: 2, Dsts: 1, Pkts: 1917, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.232.199.23, DL: 2, Dsts: 3, Pkts: 30288, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.22.37.189, DL: 2, Dsts: 1, Pkts: 11505, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.12.236.4, DL: 2, Dsts: 1, Pkts: 11509, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.117.136.24, DL: 2, Dsts: 24, Pkts: 243183, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.188.252.86, DL: 2, Dsts: 1, Pkts: 1918, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.4.101.229, DL: 2, Dsts: 1, Pkts: 1919, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.0.1.71, DL: 2, Dsts: 1, Pkts: 10160, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.99.177.59, DL: 2, Dsts: 18, Pkts: 34783, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.137.79.110, DL: 2, Dsts: 1, Pkts: 11566, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.134.219.238, DL: 2, Dsts: 1, Pkts: 1947, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.150.104.76, DL: 2, Dsts: 1, Pkts: 1948, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.128.114.69, DL: 2, Dsts: 23, Pkts: 234447, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  70.249.219.122, DL: 2, Dsts: 1, Pkts: 11622, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.202.173.20, DL: 2, Dsts: 17, Pkts: 33381, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.156.43.49, DL: 2, Dsts: 1, Pkts: 1407, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  213.154.159.250, DL: 2, Dsts: 1, Pkts: 1409, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  199.88.139.200, DL: 2, Dsts: 2, Pkts: 13038, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.81.225.29, DL: 2, Dsts: 1, Pkts: 1412, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.140.254.39, DL: 2, Dsts: 1, Pkts: 1979, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.135.14.23, DL: 2, Dsts: 1, Pkts: 10220, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.41.175.244, DL: 2, Dsts: 18, Pkts: 184318, Unique sigs: 18
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.235.109.228, DL: 2, Dsts: 1, Pkts: 11675, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.9.211.102, DL: 2, Dsts: 1, Pkts: 1414, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  172.155.90.104, DL: 2, Dsts: 1, Pkts: 1980, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.97.85.109, DL: 2, Dsts: 1, Pkts: 10310, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 2000-65500 (48 packets)

SRC:  212.204.236.2, DL: 2, Dsts: 3, Pkts: 5946, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.129.136, DL: 2, Dsts: 1, Pkts: 11728, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.78.236.19, DL: 2, Dsts: 2, Pkts: 20635, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.144.94.235, DL: 2, Dsts: 10, Pkts: 19885, Unique sigs: 10

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.133.235.142, DL: 2, Dsts: 1, Pkts: 1994, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.157.125.57, DL: 2, Dsts: 1, Pkts: 1995, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.65.52.95, DL: 2, Dsts: 1, Pkts: 1996, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.45.224.131, DL: 2, Dsts: 1, Pkts: 11736, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.27.131.199, DL: 2, Dsts: 1, Pkts: 1997, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.132.184.137, DL: 2, Dsts: 1, Pkts: 1998, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.11.204.80, DL: 2, Dsts: 1, Pkts: 1999, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.90.219.110, DL: 2, Dsts: 1, Pkts: 11738, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.253.141.183, DL: 2, Dsts: 1, Pkts: 1418, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.249.240.32, DL: 2, Dsts: 1, Pkts: 2000, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.222.242.193, DL: 2, Dsts: 1, Pkts: 10324, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.6.86.199, DL: 2, Dsts: 1, Pkts: 10327, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.33.46.192, DL: 2, Dsts: 1, Pkts: 1419, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.201.61.253, DL: 2, Dsts: 1, Pkts: 2001, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.90.198.61, DL: 2, Dsts: 1, Pkts: 11748, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.200.109.131, DL: 2, Dsts: 1, Pkts: 2002, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.183.150.105, DL: 2, Dsts: 1, Pkts: 1421, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.58.186.87, DL: 2, Dsts: 1, Pkts: 10331, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  64.231.241.177, DL: 2, Dsts: 1, Pkts: 2003, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.125.238, DL: 2, Dsts: 1, Pkts: 2004, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.40.71.242, DL: 2, Dsts: 24, Pkts: 248477, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.154.76.24, DL: 2, Dsts: 2, Pkts: 11798, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (2 packets)

SRC:  200.121.134.110, DL: 2, Dsts: 1, Pkts: 10385, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.11.169.8, DL: 2, Dsts: 1, Pkts: 10388, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.16.197.28, DL: 2, Dsts: 1, Pkts: 10408, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-6129 (20 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.215.136.80, DL: 2, Dsts: 1, Pkts: 11834, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.56.32, DL: 2, Dsts: 1, Pkts: 1424, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.71.220.100, DL: 2, Dsts: 2, Pkts: 23676, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.59.114.95, DL: 2, Dsts: 1, Pkts: 2005, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.58.183.140, DL: 2, Dsts: 1, Pkts: 10415, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.159.208.236, DL: 2, Dsts: 1, Pkts: 2006, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.62.187, DL: 2, Dsts: 1, Pkts: 2007, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  137.65.84.32, DL: 2, Dsts: 1, Pkts: 1427, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.43.69.99, DL: 2, Dsts: 1, Pkts: 2008, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.146.246.107, DL: 2, Dsts: 1, Pkts: 1428, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  195.222.68.57, DL: 2, Dsts: 1, Pkts: 2009, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.170.140.51, DL: 2, Dsts: 1, Pkts: 10417, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.194.203.159, DL: 2, Dsts: 2, Pkts: 4023, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.71.202.62, DL: 2, Dsts: 1, Pkts: 2013, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.168.9.194, DL: 2, Dsts: 24, Pkts: 250908, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.213.218.241, DL: 2, Dsts: 1, Pkts: 2014, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.28.65.182, DL: 2, Dsts: 2, Pkts: 13351, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.173.202.105, DL: 2, Dsts: 1, Pkts: 1431, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.237.60.164, DL: 2, Dsts: 1, Pkts: 10495, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  203.219.25.190, DL: 2, Dsts: 1, Pkts: 2015, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.159.232.115, DL: 2, Dsts: 1, Pkts: 1432, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.215.86.174, DL: 2, Dsts: 2, Pkts: 2867, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.244.107, DL: 2, Dsts: 1, Pkts: 11933, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  141.153.38.124, DL: 2, Dsts: 1, Pkts: 2016, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.143.8.69, DL: 2, Dsts: 1, Pkts: 2017, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.167.112.27, DL: 2, Dsts: 1, Pkts: 2018, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.148.188.64, DL: 2, Dsts: 1, Pkts: 2019, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.203.169.21, DL: 2, Dsts: 1, Pkts: 2020, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.250.143.9, DL: 2, Dsts: 1, Pkts: 11935, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.21.207.206, DL: 2, Dsts: 1, Pkts: 11939, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.55.205.131, DL: 2, Dsts: 1, Pkts: 2021, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.134.201.123, DL: 2, Dsts: 1, Pkts: 10505, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  12.46.129.52, DL: 2, Dsts: 1, Pkts: 11944, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.44.23.128, DL: 2, Dsts: 1, Pkts: 1439, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.57.210.98, DL: 2, Dsts: 16, Pkts: 168232, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  172.137.6.203, DL: 2, Dsts: 1, Pkts: 2022, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.27.128.222, DL: 2, Dsts: 1, Pkts: 10524, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  192.211.38.219, DL: 2, Dsts: 24, Pkts: 305727, Unique sigs: 30
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57-139 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 57-139 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.99.158.57, DL: 2, Dsts: 1, Pkts: 1456, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.63.167.96, DL: 2, Dsts: 24, Pkts: 256235, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  151.28.8.247, DL: 2, Dsts: 1, Pkts: 2043, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.147.1.134, DL: 2, Dsts: 1, Pkts: 10703, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  201.1.176.229, DL: 2, Dsts: 1, Pkts: 10706, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  151.41.218.114, DL: 2, Dsts: 1, Pkts: 2044, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.235.7.155, DL: 2, Dsts: 1, Pkts: 2045, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  199.26.172.69, DL: 2, Dsts: 1, Pkts: 2046, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.214.224.101, DL: 2, Dsts: 1, Pkts: 10719, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-6129 (13 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  218.69.98.72, DL: 2, Dsts: 1, Pkts: 1457, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.109.122.53, DL: 2, Dsts: 1, Pkts: 10721, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1080-3128 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  63.189.40.249, DL: 2, Dsts: 1, Pkts: 12182, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.131.26.10, DL: 2, Dsts: 1, Pkts: 2047, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.228.123, DL: 2, Dsts: 1, Pkts: 2048, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.229.10.238, DL: 2, Dsts: 2, Pkts: 4099, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.7.52.85, DL: 2, Dsts: 1, Pkts: 2051, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.15.83.112, DL: 2, Dsts: 1, Pkts: 10727, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.17.252.11, DL: 2, Dsts: 1, Pkts: 2052, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.72.93, DL: 2, Dsts: 1, Pkts: 1459, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.28.160.220, DL: 2, Dsts: 1, Pkts: 12188, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.65.99.195, DL: 2, Dsts: 1, Pkts: 2053, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.140.196.52, DL: 2, Dsts: 1, Pkts: 1461, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.108.59.68, DL: 2, Dsts: 1, Pkts: 12192, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  62.147.61.124, DL: 2, Dsts: 1, Pkts: 2054, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.162.118.115, DL: 2, Dsts: 1, Pkts: 2055, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.219.231.4, DL: 2, Dsts: 1, Pkts: 1464, Unique sigs: 2

    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.134.47.91, DL: 2, Dsts: 1, Pkts: 2056, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.249.132.64, DL: 2, Dsts: 1, Pkts: 2057, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.28.8.205, DL: 2, Dsts: 1, Pkts: 2058, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.162.131.222, DL: 2, Dsts: 1, Pkts: 1465, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.150.96.109, DL: 2, Dsts: 1, Pkts: 10730, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.13.233.217, DL: 2, Dsts: 1, Pkts: 12199, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.124.130.55, DL: 2, Dsts: 2, Pkts: 4119, Unique sigs: 2

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.100.247.252, DL: 2, Dsts: 1, Pkts: 1467, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.71.164.19, DL: 2, Dsts: 1, Pkts: 1468, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.147.15, DL: 2, Dsts: 1, Pkts: 1469, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.51.202.242, DL: 2, Dsts: 1, Pkts: 12204, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.208.135.2, DL: 2, Dsts: 1, Pkts: 10736, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  67.166.202.52, DL: 2, Dsts: 2, Pkts: 4123, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.135.127.47, DL: 2, Dsts: 1, Pkts: 2063, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.225.174, DL: 2, Dsts: 1, Pkts: 1471, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.219.51.156, DL: 2, Dsts: 1, Pkts: 1472, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.156.193.164, DL: 2, Dsts: 1, Pkts: 10738, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.152.19.148, DL: 2, Dsts: 1, Pkts: 10744, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  218.90.154.78, DL: 2, Dsts: 17, Pkts: 182801, Unique sigs: 17

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  58.9.135.47, DL: 2, Dsts: 1, Pkts: 2064, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.13.165.245, DL: 2, Dsts: 1, Pkts: 1473, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  146.82.89.167, DL: 2, Dsts: 3, Pkts: 32299, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  162.119.64.113, DL: 2, Dsts: 2, Pkts: 24490, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.102.48.90, DL: 2, Dsts: 1, Pkts: 10774, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.23.132.90, DL: 2, Dsts: 1, Pkts: 10777, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.138.208.154, DL: 2, Dsts: 1, Pkts: 1476, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.55.58.240, DL: 2, Dsts: 1, Pkts: 12255, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.162.176.243, DL: 2, Dsts: 1, Pkts: 10781, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  218.206.193.106, DL: 2, Dsts: 1, Pkts: 1478, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.85.149.252, DL: 2, Dsts: 1, Pkts: 12261, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.178.114.229, DL: 2, Dsts: 1, Pkts: 10783, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.159.49.81, DL: 2, Dsts: 1, Pkts: 12266, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.76.232.252, DL: 2, Dsts: 1, Pkts: 12268, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.134.74.113, DL: 2, Dsts: 1, Pkts: 12270, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.131.72.18, DL: 2, Dsts: 1, Pkts: 2065, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.169.10, DL: 2, Dsts: 1, Pkts: 2066, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.112.93.114, DL: 2, Dsts: 1, Pkts: 10791, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.16.8.129, DL: 2, Dsts: 1, Pkts: 12277, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  141.158.136.218, DL: 2, Dsts: 1, Pkts: 2067, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.145.227.137, DL: 2, Dsts: 1, Pkts: 2068, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.166.132.160, DL: 2, Dsts: 1, Pkts: 12279, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.5.115.170, DL: 2, Dsts: 1, Pkts: 10798, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.75.73, DL: 2, Dsts: 12, Pkts: 24905, Unique sigs: 12

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  151.99.174.203, DL: 2, Dsts: 24, Pkts: 259896, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.159.188.59, DL: 2, Dsts: 1, Pkts: 1485, Unique sigs: 1

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.26.148.5, DL: 2, Dsts: 24, Pkts: 50452, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  211.137.82.108, DL: 2, Dsts: 8, Pkts: 17012, Unique sigs: 8

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.28.194, DL: 2, Dsts: 1, Pkts: 1487, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  172.207.213.196, DL: 2, Dsts: 1, Pkts: 2131, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.76.6.68, DL: 2, Dsts: 1, Pkts: 10860, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.148.129.245, DL: 2, Dsts: 24, Pkts: 52033, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  82.2.53.236, DL: 2, Dsts: 1, Pkts: 1488, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.232.144.96, DL: 2, Dsts: 3, Pkts: 23218, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  205.232.132.117, DL: 2, Dsts: 1, Pkts: 2203, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.184.21.148, DL: 2, Dsts: 1, Pkts: 10868, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (2 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 2, DP: 31105, SYN, Sid: 2182

SRC:  220.84.127.44, DL: 2, Dsts: 24, Pkts: 261666, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  81.214.167.223, DL: 2, Dsts: 1, Pkts: 2204, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.158.210.48, DL: 2, Dsts: 1, Pkts: 12428, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.97.75.206, DL: 2, Dsts: 24, Pkts: 263412, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  81.211.226.214, DL: 2, Dsts: 1, Pkts: 2205, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.177.14.193, DL: 2, Dsts: 1, Pkts: 1491, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.234.58.95, DL: 2, Dsts: 1, Pkts: 11087, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.183.24.157, DL: 2, Dsts: 1, Pkts: 11088, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  219.137.183.4, DL: 2, Dsts: 5, Pkts: 55459, Unique sigs: 5

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  85.137.59.108, DL: 2, Dsts: 1, Pkts: 11097, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  130.117.152.21, DL: 2, Dsts: 2, Pkts: 4413, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.60.137.49, DL: 2, Dsts: 24, Pkts: 267220, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  157.91.48.191, DL: 2, Dsts: 1, Pkts: 12661, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.202.20.106, DL: 2, Dsts: 1, Pkts: 1493, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.226.45.144, DL: 2, Dsts: 1, Pkts: 11171, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  200.222.132.18, DL: 2, Dsts: 1, Pkts: 2208, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.235.130.33, DL: 2, Dsts: 1, Pkts: 2209, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.116.119.158, DL: 2, Dsts: 1, Pkts: 2210, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.254.221.49, DL: 2, Dsts: 1, Pkts: 1494, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.220.55, DL: 2, Dsts: 1, Pkts: 12669, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.110, DL: 2, Dsts: 1, Pkts: 2211, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.96.208.213, DL: 2, Dsts: 24, Pkts: 269076, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.148.3.136, DL: 2, Dsts: 1, Pkts: 2212, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.6.169.6, DL: 2, Dsts: 5, Pkts: 63773, Unique sigs: 10

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-80 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-80 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  12.203.141.112, DL: 2, Dsts: 3, Pkts: 6642, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.81.23.243, DL: 2, Dsts: 2, Pkts: 14269, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.158.253.3, DL: 2, Dsts: 1, Pkts: 1503, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.62.154.22, DL: 2, Dsts: 24, Pkts: 271284, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.234.121.2, DL: 2, Dsts: 1, Pkts: 12843, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.235.179.242, DL: 2, Dsts: 1, Pkts: 2216, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.195.26.41, DL: 2, Dsts: 1, Pkts: 2217, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.190.192.18, DL: 2, Dsts: 1, Pkts: 1505, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.30.133.160, DL: 2, Dsts: 1, Pkts: 1506, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.99.88.30, DL: 2, Dsts: 1, Pkts: 1507, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.129.225.251, DL: 2, Dsts: 1, Pkts: 11425, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.18.89.73, DL: 2, Dsts: 1, Pkts: 1508, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  165.165.222.138, DL: 2, Dsts: 1, Pkts: 2218, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.171.16.110, DL: 2, Dsts: 24, Pkts: 275100, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  83.130.203.254, DL: 2, Dsts: 1, Pkts: 1509, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.54.73.133, DL: 2, Dsts: 24, Pkts: 276828, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.185.75.68, DL: 2, Dsts: 9, Pkts: 20007, Unique sigs: 9

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.40.42, DL: 2, Dsts: 1, Pkts: 13082, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.201.140.4, DL: 2, Dsts: 1, Pkts: 2228, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.21.191.5, DL: 2, Dsts: 1, Pkts: 11582, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.158.7.209, DL: 2, Dsts: 4, Pkts: 17633, Unique sigs: 4

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.148.32.63, DL: 2, Dsts: 1, Pkts: 2229, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.252.153.167, DL: 2, Dsts: 1, Pkts: 2230, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.148.108.242, DL: 2, Dsts: 24, Pkts: 278876, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077

SRC:  66.53.32.177, DL: 2, Dsts: 1, Pkts: 2231, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.8.13.77, DL: 2, Dsts: 1, Pkts: 2232, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.144.215.226, DL: 2, Dsts: 1, Pkts: 1515, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.42.65.144, DL: 2, Dsts: 1, Pkts: 11656, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.32.56.250, DL: 2, Dsts: 3, Pkts: 6702, Unique sigs: 3

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.162.206.95, DL: 2, Dsts: 1, Pkts: 13173, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.113.186.159, DL: 2, Dsts: 1, Pkts: 11660, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.107.201.22, DL: 2, Dsts: 1, Pkts: 1517, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  208.39.169.124, DL: 2, Dsts: 3, Pkts: 39543, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.139.121.164, DL: 2, Dsts: 1, Pkts: 2236, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.160.204.62, DL: 2, Dsts: 1, Pkts: 2237, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.69.55, DL: 2, Dsts: 1, Pkts: 1521, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.11.159.157, DL: 2, Dsts: 1, Pkts: 11664, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.249.202.131, DL: 2, Dsts: 12, Pkts: 26992, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  172.142.111.250, DL: 2, Dsts: 1, Pkts: 11667, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.31.176.70, DL: 2, Dsts: 1, Pkts: 1522, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.17.228.235, DL: 2, Dsts: 1, Pkts: 2261, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.199.233.239, DL: 2, Dsts: 1, Pkts: 2262, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  128.9.160.83, DL: 2, Dsts: 3, Pkts: 4572, Unique sigs: 6

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.203.123.225, DL: 2, Dsts: 23, Pkts: 269299, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.210.16.186, DL: 2, Dsts: 1, Pkts: 13270, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.128.223.5, DL: 2, Dsts: 1, Pkts: 2263, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.154.10.42, DL: 2, Dsts: 1, Pkts: 2264, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.50.99.81, DL: 2, Dsts: 1, Pkts: 2265, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.235.95.211, DL: 2, Dsts: 1, Pkts: 11762, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-5554 (18 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.22.127.22, DL: 2, Dsts: 1, Pkts: 13292, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.109.114.199, DL: 2, Dsts: 1, Pkts: 1528, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.17.149.45, DL: 2, Dsts: 1, Pkts: 13297, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.83.173.210, DL: 2, Dsts: 1, Pkts: 1530, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.148.128.34, DL: 2, Dsts: 24, Pkts: 56672, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (10 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 10, DP: 1434, Sid: 100208

SRC:  155.239.141.143, DL: 2, Dsts: 1, Pkts: 2458, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.91.80.235, DL: 2, Dsts: 1, Pkts: 2459, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.178.84.165, DL: 2, Dsts: 1, Pkts: 2460, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.159.30.98, DL: 2, Dsts: 1, Pkts: 13302, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.71.165.233, DL: 2, Dsts: 1, Pkts: 2461, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.159.2, DL: 2, Dsts: 16, Pkts: 39516, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.131.191.153, DL: 2, Dsts: 1, Pkts: 2479, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.94.76.222, DL: 2, Dsts: 24, Pkts: 283433, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  192.132.24.81, DL: 2, Dsts: 1, Pkts: 1533, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  208.211.19.41, DL: 2, Dsts: 1, Pkts: 2480, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.95.88, DL: 2, Dsts: 1, Pkts: 1534, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.158.1.144, DL: 2, Dsts: 1, Pkts: 11836, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  172.166.8.186, DL: 2, Dsts: 1, Pkts: 2481, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.128.116.33, DL: 2, Dsts: 11, Pkts: 130262, Unique sigs: 11
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.254.17.88, DL: 2, Dsts: 24, Pkts: 285228, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.235.121.238, DL: 2, Dsts: 2, Pkts: 3071, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.76.15, DL: 2, Dsts: 1, Pkts: 2482, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.90.22.188, DL: 2, Dsts: 1, Pkts: 2483, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.172.109.174, DL: 2, Dsts: 1, Pkts: 2484, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.86.86, DL: 2, Dsts: 1, Pkts: 1537, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.32.221.12, DL: 2, Dsts: 1, Pkts: 1538, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.217.37.13, DL: 2, Dsts: 1, Pkts: 2485, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.0.122, DL: 2, Dsts: 1, Pkts: 1539, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.254.80.80, DL: 2, Dsts: 5, Pkts: 12440, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.166.7.206, DL: 2, Dsts: 1, Pkts: 11932, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.88.116.108, DL: 2, Dsts: 1, Pkts: 13473, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.130.223.222, DL: 2, Dsts: 1, Pkts: 2491, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.110.232.219, DL: 2, Dsts: 1, Pkts: 11936, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.132.239.19, DL: 2, Dsts: 1, Pkts: 2492, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.21.15.162, DL: 2, Dsts: 1, Pkts: 13480, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.156.24.114, DL: 2, Dsts: 1, Pkts: 1542, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.171.82.82, DL: 2, Dsts: 1, Pkts: 2493, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.176.93.107, DL: 2, Dsts: 1, Pkts: 11956, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.84.21.218, DL: 2, Dsts: 1, Pkts: 11959, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.19.209.136, DL: 2, Dsts: 2, Pkts: 3087, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.127.236.153, DL: 2, Dsts: 1, Pkts: 2494, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.152.207.238, DL: 2, Dsts: 24, Pkts: 325535, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (42 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (43 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (43 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (54 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (32 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (43 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (53 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (54 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (53 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (42 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (43 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (32 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (52 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (32 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (54 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (43 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-445 (54 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (52 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 5, Sid: 381

SRC:  222.152.95.108, DL: 2, Dsts: 1, Pkts: 2495, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.65.210, DL: 2, Dsts: 1, Pkts: 1665, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.188.136.180, DL: 2, Dsts: 1, Pkts: 1666, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.39.245.66, DL: 2, Dsts: 1, Pkts: 12973, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  221.8.13.73, DL: 2, Dsts: 4, Pkts: 9990, Unique sigs: 4

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.28.8.131, DL: 2, Dsts: 1, Pkts: 2500, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.220.97.109, DL: 2, Dsts: 1, Pkts: 2501, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.140.171.20, DL: 2, Dsts: 24, Pkts: 312252, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.162.3.215, DL: 2, Dsts: 1, Pkts: 14713, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.221.37.78, DL: 2, Dsts: 24, Pkts: 314004, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  81.195.15.206, DL: 2, Dsts: 24, Pkts: 315732, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.142.146.143, DL: 2, Dsts: 1, Pkts: 2502, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.230.168.117, DL: 2, Dsts: 1, Pkts: 14861, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.16.119.55, DL: 2, Dsts: 1, Pkts: 1669, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.185.32.221, DL: 2, Dsts: 1, Pkts: 1670, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.203.253.2, DL: 2, Dsts: 1, Pkts: 14867, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.40.150.133, DL: 2, Dsts: 1, Pkts: 2503, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.47.34.97, DL: 2, Dsts: 1, Pkts: 13206, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  128.123.74.235, DL: 2, Dsts: 24, Pkts: 317244, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077

SRC:  192.86.103.131, DL: 2, Dsts: 24, Pkts: 318412, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.165.114.35, DL: 2, Dsts: 1, Pkts: 13304, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.188.188.242, DL: 2, Dsts: 1, Pkts: 13305, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  63.20.170.67, DL: 2, Dsts: 1, Pkts: 14980, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.89.60.11, DL: 2, Dsts: 1, Pkts: 2504, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.2.245.58, DL: 2, Dsts: 1, Pkts: 14984, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.171.240.98, DL: 2, Dsts: 1, Pkts: 2505, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.61.69.197, DL: 2, Dsts: 1, Pkts: 1674, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.35.103.77, DL: 2, Dsts: 3, Pkts: 7521, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.107.121.41, DL: 2, Dsts: 1, Pkts: 14987, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.86.22.207, DL: 2, Dsts: 1, Pkts: 2509, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.74.35.174, DL: 2, Dsts: 1, Pkts: 14989, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.25.146.141, DL: 2, Dsts: 1, Pkts: 1677, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.110.59.45, DL: 2, Dsts: 2, Pkts: 5047, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.163.137.254, DL: 2, Dsts: 1, Pkts: 1678, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  11.11.79.67, DL: 2, Dsts: 44, Pkts: 536192, Unique sigs: 1, local IP!
    Source OS fingerprint:
        Linux (2.4.x kernel)

    DST: 195.115.0.7
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.3
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 205.188.149.20
        Scanned ports: FORWARD br0 tcp 6667 (6 packets)
    DST: 213.161.196.12
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 195.115.0.12
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.6
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 207.28.220.6
        Scanned ports: FORWARD br0 udp 9969 (4 packets)
    DST: 62.250.14.6
        Scanned ports: FORWARD br0 tcp 6667 (11 packets)
    DST: 129.27.3.14
        Scanned ports: FORWARD br0 tcp 6667 (10 packets)
    DST: 213.48.150.1
        Scanned ports: FORWARD br0 tcp 6667 (6 packets)
    DST: 205.252.46.98
        Scanned ports: FORWARD br0 tcp 6667 (4 packets)
    DST: 193.110.95.1
        Scanned ports: FORWARD br0 tcp 6667 (10 packets)
    DST: 195.115.0.11
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.4
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 81.196.20.134
        Scanned ports: FORWARD br0 tcp 80 (6 packets)
    DST: 217.16.26.163
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 195.115.0.9
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.2
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 199.7.66.1
        Scanned ports: FORWARD br0 udp 53 (1 packets)
    DST: 151.25.187.213
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
    DST: 64.21.117.248
        Scanned ports: FORWARD br0 tcp 6667 (3 packets)
    DST: 195.47.220.2
        Scanned ports: FORWARD br0 tcp 6667 (6 packets)
    DST: 213.208.119.11
        Scanned ports: FORWARD br0 tcp 6667 (3 packets)
    DST: 193.230.153.133
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 81.196.20.130
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 213.203.218.122
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 195.115.0.10
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 217.106.2.92
        Scanned ports: FORWARD br0 tcp 6667 (3 packets)
    DST: 195.115.0.13
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.5
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 198.41.0.4
        Scanned ports: FORWARD br0 udp 53 (1 packets)
    DST: 207.96.122.250
        Scanned ports: FORWARD br0 tcp 6667 (5 packets)
    DST: 199.170.91.114
        Scanned ports: FORWARD br0 tcp 6667 (5 packets)
    DST: 140.99.102.4
        Scanned ports: FORWARD br0 tcp 6667 (4 packets)
    DST: 154.11.89.164
        Scanned ports: FORWARD br0 tcp 6667 (3 packets)
    DST: 11.11.79.65
        Scanned ports: FORWARD br0 udp 514 (809 packets)
    DST: 66.198.160.2
        Scanned ports: FORWARD br0 tcp 8888 (6 packets)
        Signature match: "P2P napster communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 8888, SYN, Sid: 100090
    DST: 132.207.4.32
        Scanned ports: FORWARD br0 tcp 6667 (7 packets)
    DST: 198.32.64.12
        Scanned ports: FORWARD br0 udp 53 (1 packets)
    DST: 129.27.9.248
        Scanned ports: FORWARD br0 tcp 6667 (6 packets)
    DST: 195.54.102.4
        Scanned ports: FORWARD br0 tcp 6667 (5 packets)
    DST: 213.46.223.3
        Scanned ports: FORWARD br0 tcp 6667 (4 packets)
    DST: 195.115.0.8
        Scanned ports: FORWARD br0 tcp 22 (1 packets)
    DST: 195.115.0.1
        Scanned ports: FORWARD br0 tcp 22 (1 packets)

SRC:  59.45.31.6, DL: 2, Dsts: 2, Pkts: 6683, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.31.240.140, DL: 2, Dsts: 1, Pkts: 13449, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.146.23.226, DL: 2, Dsts: 1, Pkts: 3343, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.133.170.216, DL: 2, Dsts: 1, Pkts: 13451, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  209.94.172.135, DL: 2, Dsts: 24, Pkts: 81406, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208

SRC:  218.164.34.212, DL: 2, Dsts: 24, Pkts: 323724, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  62.101.92.190, DL: 2, Dsts: 24, Pkts: 325444, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.150.77.69, DL: 2, Dsts: 1, Pkts: 3439, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196

SRC:  195.229.186.105, DL: 2, Dsts: 24, Pkts: 326861, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  83.36.219.208, DL: 2, Dsts: 1, Pkts: 13647, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.74.17.150, DL: 2, Dsts: 2, Pkts: 30661, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  219.145.107.105, DL: 2, Dsts: 7, Pkts: 24103, Unique sigs: 7

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.208.94.181, DL: 2, Dsts: 1, Pkts: 3448, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.197.201.53, DL: 2, Dsts: 2, Pkts: 6899, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  11.11.79.95, DL: 2, Dsts: 2, Pkts: 6920, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (18 packets)

SRC:  24.127.183.74, DL: 2, Dsts: 1, Pkts: 3470, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.63.119.148, DL: 2, Dsts: 1, Pkts: 1682, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.22.26, DL: 2, Dsts: 1, Pkts: 1683, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.28.81.248, DL: 2, Dsts: 24, Pkts: 328277, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  216.150.210.194, DL: 2, Dsts: 2, Pkts: 30774, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.9.217.231, DL: 2, Dsts: 1, Pkts: 13705, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.90.116.95, DL: 2, Dsts: 1, Pkts: 3471, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.177.123, DL: 2, Dsts: 6, Pkts: 20847, Unique sigs: 6

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.164.93.231, DL: 2, Dsts: 1, Pkts: 3478, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.153.30.178, DL: 2, Dsts: 1, Pkts: 15400, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.79.227.207, DL: 2, Dsts: 8, Pkts: 109771, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  82.64.5.249, DL: 2, Dsts: 1, Pkts: 13729, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  24.80.108.99, DL: 2, Dsts: 1, Pkts: 3479, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.108.91.14, DL: 2, Dsts: 1, Pkts: 3480, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.48.15.154, DL: 2, Dsts: 24, Pkts: 369574, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  62.70.22.155, DL: 2, Dsts: 1, Pkts: 3481, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.172.249.201, DL: 2, Dsts: 24, Pkts: 86800, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (13 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 13, DP: 1027, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (14 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 14, DP: 1027, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1027, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (13 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 13, DP: 1027, Sid: 100196

SRC:  210.245.206.174, DL: 2, Dsts: 4, Pkts: 14978, Unique sigs: 4

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.23.44.95, DL: 2, Dsts: 1, Pkts: 15516, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.81.201.30, DL: 2, Dsts: 24, Pkts: 331618, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.5.52.175, DL: 2, Dsts: 1, Pkts: 3747, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  163.121.186.50, DL: 2, Dsts: 1, Pkts: 3748, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.62.47.13, DL: 2, Dsts: 6, Pkts: 22509, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.144.223.126, DL: 2, Dsts: 2, Pkts: 27701, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.12.55.45, DL: 2, Dsts: 1, Pkts: 3755, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.130.218.192, DL: 2, Dsts: 24, Pkts: 333348, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  60.233.159.69, DL: 2, Dsts: 1, Pkts: 1730, Unique sigs: 2

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.187.225.76, DL: 2, Dsts: 1, Pkts: 1731, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.87.195.242, DL: 2, Dsts: 2, Pkts: 3465, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  59.190.12.54, DL: 2, Dsts: 1, Pkts: 3756, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.222.0.242, DL: 2, Dsts: 1, Pkts: 15659, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.95.193.42, DL: 2, Dsts: 1, Pkts: 3757, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.222.66.179, DL: 2, Dsts: 1, Pkts: 1735, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.99.170.59, DL: 2, Dsts: 22, Pkts: 83009, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.37, DL: 2, Dsts: 1, Pkts: 3789, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.196.88.22, DL: 2, Dsts: 1, Pkts: 3790, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.135.2.15, DL: 2, Dsts: 1, Pkts: 13953, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-6129 (28 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.141.232.238, DL: 2, Dsts: 1, Pkts: 15690, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.187.201.65, DL: 2, Dsts: 1, Pkts: 13957, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  209.123.177.227, DL: 2, Dsts: 24, Pkts: 335868, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.206.123.169, DL: 2, Dsts: 3, Pkts: 11376, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.109.233.253, DL: 2, Dsts: 2, Pkts: 28067, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.147.30.118, DL: 2, Dsts: 1, Pkts: 14038, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.148.223.101, DL: 2, Dsts: 1, Pkts: 14074, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  218.108.29.98, DL: 2, Dsts: 1, Pkts: 1737, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.149.13.62, DL: 2, Dsts: 6, Pkts: 22779, Unique sigs: 6

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.227.40.112, DL: 2, Dsts: 24, Pkts: 455562, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.138.134.37, DL: 2, Dsts: 1, Pkts: 1764, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.89.168.2, DL: 2, Dsts: 1, Pkts: 15980, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.92.49.98, DL: 2, Dsts: 1, Pkts: 15982, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.82.34.25, DL: 2, Dsts: 2, Pkts: 31970, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.147.135.74, DL: 2, Dsts: 1, Pkts: 3868, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.246.1.184, DL: 2, Dsts: 1, Pkts: 14221, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  204.50.185.67, DL: 2, Dsts: 1, Pkts: 3869, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.42.217.4, DL: 2, Dsts: 2, Pkts: 28451, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.204.180.203, DL: 2, Dsts: 1, Pkts: 15997, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.80.5, DL: 2, Dsts: 1, Pkts: 16001, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.135.106.29, DL: 2, Dsts: 1, Pkts: 3870, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.22.47.173, DL: 2, Dsts: 1, Pkts: 16005, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.224.228.254, DL: 2, Dsts: 1, Pkts: 3871, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.110.203.5, DL: 2, Dsts: 1, Pkts: 3872, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.235.184.171, DL: 2, Dsts: 1, Pkts: 1772, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.73.167.126, DL: 2, Dsts: 1, Pkts: 1773, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.64.24.205, DL: 2, Dsts: 1, Pkts: 16009, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.138.199.71, DL: 2, Dsts: 1, Pkts: 16011, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.194.74.9, DL: 2, Dsts: 1, Pkts: 3873, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.78.99, DL: 2, Dsts: 1, Pkts: 3874, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.247.24.13, DL: 2, Dsts: 24, Pkts: 342225, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.109.209.113, DL: 2, Dsts: 24, Pkts: 343668, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  212.33.104.185, DL: 2, Dsts: 1, Pkts: 3875, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.159.43.40, DL: 2, Dsts: 1, Pkts: 3876, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.46.171.106, DL: 2, Dsts: 1, Pkts: 3877, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.29.216.201, DL: 2, Dsts: 1, Pkts: 3878, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.13.166, DL: 2, Dsts: 20, Pkts: 287290, Unique sigs: 20

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  172.156.231.249, DL: 2, Dsts: 1, Pkts: 3879, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.98.176.140, DL: 2, Dsts: 1, Pkts: 16165, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.196.235.162, DL: 2, Dsts: 11, Pkts: 158396, Unique sigs: 11

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  213.45.213.52, DL: 2, Dsts: 1, Pkts: 14411, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.119.240.55, DL: 2, Dsts: 1, Pkts: 3880, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.129.229.247, DL: 2, Dsts: 1, Pkts: 14414, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  213.46.7.246, DL: 2, Dsts: 2, Pkts: 7763, Unique sigs: 2

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.106.168.87, DL: 2, Dsts: 24, Pkts: 346828, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  209.8.5.120, DL: 2, Dsts: 9, Pkts: 34983, Unique sigs: 9

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.205.16.136, DL: 2, Dsts: 1, Pkts: 1777, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.185.79.114, DL: 2, Dsts: 1, Pkts: 3892, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.122.131.109, DL: 2, Dsts: 1, Pkts: 3893, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.187.212.175, DL: 2, Dsts: 1, Pkts: 14488, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  80.248.4.59, DL: 2, Dsts: 1, Pkts: 1778, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.190.20.47, DL: 2, Dsts: 9, Pkts: 35082, Unique sigs: 9

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.26.249.136, DL: 2, Dsts: 1, Pkts: 1779, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.130.218, DL: 2, Dsts: 1, Pkts: 3903, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.144.0.162, DL: 2, Dsts: 2, Pkts: 7809, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.94.152.125, DL: 2, Dsts: 1, Pkts: 14491, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.18.16.150, DL: 2, Dsts: 1, Pkts: 16274, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.164.86.84, DL: 2, Dsts: 1, Pkts: 14495, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  200.177.37.60, DL: 2, Dsts: 1, Pkts: 14499, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  220.248.27.194, DL: 2, Dsts: 2, Pkts: 3563, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.80.207.155, DL: 2, Dsts: 19, Pkts: 275773, Unique sigs: 19

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  207.213.27.242, DL: 2, Dsts: 2, Pkts: 7813, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.55.212.183, DL: 2, Dsts: 24, Pkts: 349288, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  82.53.114.115, DL: 2, Dsts: 1, Pkts: 3908, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.39.110.125, DL: 2, Dsts: 1, Pkts: 1783, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.49.108.35, DL: 2, Dsts: 1, Pkts: 16363, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.163.64.80, DL: 2, Dsts: 1, Pkts: 1785, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.85, DL: 2, Dsts: 10, Pkts: 39135, Unique sigs: 10

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.9.155, DL: 2, Dsts: 1, Pkts: 1786, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.132.81.93, DL: 2, Dsts: 1, Pkts: 16367, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.196.204, DL: 2, Dsts: 4, Pkts: 32743, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.208.227.65, DL: 2, Dsts: 24, Pkts: 350687, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  194.30.225.150, DL: 2, Dsts: 1, Pkts: 1790, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.21.99.90, DL: 2, Dsts: 1, Pkts: 3919, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.60.220.131, DL: 2, Dsts: 1, Pkts: 14640, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.17.49.159, DL: 2, Dsts: 1, Pkts: 1791, Unique sigs: 1

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.53.10.225, DL: 2, Dsts: 24, Pkts: 352260, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  221.202.118.20, DL: 2, Dsts: 18, Pkts: 264987, Unique sigs: 18

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  222.13.32.253, DL: 2, Dsts: 1, Pkts: 3920, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.24.84.189, DL: 2, Dsts: 24, Pkts: 354249, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  68.114.252.174, DL: 2, Dsts: 1, Pkts: 1792, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.242.18.75, DL: 2, Dsts: 1, Pkts: 3921, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  131.174.53.40, DL: 2, Dsts: 2, Pkts: 7845, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.0.215.183, DL: 2, Dsts: 24, Pkts: 355860, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  221.126.67.217, DL: 2, Dsts: 7, Pkts: 27489, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.185.166, DL: 2, Dsts: 1, Pkts: 1793, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.112.6, DL: 2, Dsts: 1, Pkts: 1794, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.109.122.10, DL: 2, Dsts: 1, Pkts: 14864, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084

SRC:  148.244.130.225, DL: 2, Dsts: 1, Pkts: 3931, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  161.33.3.54, DL: 2, Dsts: 2, Pkts: 7865, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.123.44.226, DL: 2, Dsts: 1, Pkts: 1795, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  201.5.77.88, DL: 2, Dsts: 1, Pkts: 14866, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  211.108.72.50, DL: 2, Dsts: 1, Pkts: 1796, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.4.72.80, DL: 2, Dsts: 1, Pkts: 3934, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.122.132.170, DL: 2, Dsts: 1, Pkts: 3935, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.95, DL: 2, Dsts: 1, Pkts: 3937, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  201.19.55.91, DL: 2, Dsts: 1, Pkts: 14868, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.185.229.20, DL: 2, Dsts: 1, Pkts: 1797, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.218.154.182, DL: 2, Dsts: 1, Pkts: 3938, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.217.53.178, DL: 2, Dsts: 1, Pkts: 3939, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.162.202.89, DL: 2, Dsts: 1, Pkts: 14871, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  203.111.193.246, DL: 2, Dsts: 1, Pkts: 16672, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.122.125.154, DL: 2, Dsts: 1, Pkts: 3940, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.136.86.162, DL: 2, Dsts: 2, Pkts: 18474, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.167.153.79, DL: 2, Dsts: 1, Pkts: 3941, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.1.7.31, DL: 2, Dsts: 1, Pkts: 1801, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.0.130.73, DL: 2, Dsts: 1, Pkts: 14879, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  211.199.223.240, DL: 2, Dsts: 1, Pkts: 14882, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.15.136.213, DL: 2, Dsts: 1, Pkts: 1802, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.184.175.154, DL: 2, Dsts: 18, Pkts: 268234, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  204.39.34.11, DL: 2, Dsts: 1, Pkts: 16725, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.207.44.135, DL: 2, Dsts: 1, Pkts: 14931, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.238.45.138, DL: 2, Dsts: 1, Pkts: 1804, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.65.253.209, DL: 2, Dsts: 1, Pkts: 3942, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.91.114.74, DL: 2, Dsts: 1, Pkts: 1805, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.166.22.231, DL: 2, Dsts: 1, Pkts: 16738, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.245.134.153, DL: 2, Dsts: 3, Pkts: 20357, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.194.142.74, DL: 2, Dsts: 1, Pkts: 3943, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.7.221, DL: 2, Dsts: 2, Pkts: 7889, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.53.199.210, DL: 2, Dsts: 1, Pkts: 14935, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.188.126.4, DL: 2, Dsts: 3, Pkts: 5433, Unique sigs: 6

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.52.85.244, DL: 2, Dsts: 1, Pkts: 14936, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  172.129.172.27, DL: 2, Dsts: 1, Pkts: 3946, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  59.35.246.122, DL: 2, Dsts: 1, Pkts: 14939, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  12.73.178.121, DL: 2, Dsts: 1, Pkts: 3947, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.21.6.54, DL: 2, Dsts: 1, Pkts: 3948, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.13.189.148, DL: 2, Dsts: 1, Pkts: 14942, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.2.69.135, DL: 2, Dsts: 1, Pkts: 3949, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.62.51.58, DL: 2, Dsts: 1, Pkts: 3950, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.139.65.36, DL: 2, Dsts: 1, Pkts: 14943, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  24.13.26.115, DL: 2, Dsts: 1, Pkts: 16757, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.100.255.231, DL: 2, Dsts: 1, Pkts: 14947, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.15.131.170, DL: 2, Dsts: 1, Pkts: 1814, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.184.32.197, DL: 2, Dsts: 1, Pkts: 14950, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  148.240.30.153, DL: 2, Dsts: 1, Pkts: 3951, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.13.249.225, DL: 2, Dsts: 1, Pkts: 14953, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.29.0.228, DL: 2, Dsts: 23, Pkts: 344195, Unique sigs: 23
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  66.28.242.215, DL: 2, Dsts: 1, Pkts: 3952, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.65.65.4, DL: 2, Dsts: 1, Pkts: 14977, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  81.88.18.2, DL: 2, Dsts: 19, Pkts: 75428, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  84.234.185.185, DL: 2, Dsts: 24, Pkts: 96111, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.177.254, DL: 2, Dsts: 24, Pkts: 98608, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (8 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 8, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (9 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 9, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (7 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 7, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208

SRC:  66.176.246.205, DL: 2, Dsts: 1, Pkts: 4193, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.91.75.188, DL: 2, Dsts: 1, Pkts: 4194, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.216.28.10, DL: 2, Dsts: 2, Pkts: 29957, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.22.132.31, DL: 2, Dsts: 1, Pkts: 14993, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.84.162.137, DL: 2, Dsts: 1, Pkts: 14996, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.185.75.55, DL: 2, Dsts: 4, Pkts: 16786, Unique sigs: 4

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.37.169.95, DL: 2, Dsts: 1, Pkts: 1815, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  68.199.70.63, DL: 2, Dsts: 1, Pkts: 4199, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.238.152, DL: 2, Dsts: 1, Pkts: 1817, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  159.134.233.143, DL: 2, Dsts: 1, Pkts: 4200, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.25.128.53, DL: 2, Dsts: 1, Pkts: 1818, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.34.212.84, DL: 2, Dsts: 1, Pkts: 4201, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.149.45.86, DL: 2, Dsts: 3, Pkts: 12609, Unique sigs: 3

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.16.3.134, DL: 2, Dsts: 1, Pkts: 14998, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.24.94.96, DL: 2, Dsts: 1, Pkts: 16820, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.188.109.184, DL: 2, Dsts: 1, Pkts: 4205, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.109.28, DL: 2, Dsts: 1, Pkts: 1820, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.134.56.125, DL: 2, Dsts: 2, Pkts: 8413, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  157.91.44.1, DL: 2, Dsts: 2, Pkts: 18645, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.219.125.204, DL: 2, Dsts: 1, Pkts: 4208, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.28.52.241, DL: 2, Dsts: 1, Pkts: 1823, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.168.19.26, DL: 2, Dsts: 1, Pkts: 15005, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.187.8.196, DL: 2, Dsts: 2, Pkts: 8419, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.148.64.72, DL: 2, Dsts: 12, Pkts: 50605, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  219.186.2.71, DL: 2, Dsts: 1, Pkts: 16830, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.222.88.128, DL: 2, Dsts: 1, Pkts: 16832, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.56.32.26, DL: 2, Dsts: 1, Pkts: 1826, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.9, DL: 2, Dsts: 1, Pkts: 4225, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.165.195.125, DL: 2, Dsts: 1, Pkts: 4226, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.249.147.168, DL: 2, Dsts: 1, Pkts: 4227, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.194.107.109, DL: 2, Dsts: 2, Pkts: 8457, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.148.144.219, DL: 2, Dsts: 1, Pkts: 4230, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.228.168, DL: 2, Dsts: 1, Pkts: 16837, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.107.145.81, DL: 2, Dsts: 1, Pkts: 15013, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  218.12.129.24, DL: 2, Dsts: 1, Pkts: 4231, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.78.70.23, DL: 2, Dsts: 1, Pkts: 1828, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.153.71.77, DL: 2, Dsts: 1, Pkts: 1829, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.204.127.90, DL: 2, Dsts: 1, Pkts: 15016, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.19.44.54, DL: 2, Dsts: 1, Pkts: 1830, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.254.39.217, DL: 2, Dsts: 1, Pkts: 4232, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.22.80.55, DL: 2, Dsts: 1, Pkts: 4233, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.175.131.148, DL: 2, Dsts: 1, Pkts: 15018, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  81.180.46.216, DL: 2, Dsts: 1, Pkts: 1831, Unique sigs: 2

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  217.34.245.114, DL: 2, Dsts: 3, Pkts: 12705, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.52.122.209, DL: 2, Dsts: 1, Pkts: 15026, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  165.247.175.200, DL: 2, Dsts: 1, Pkts: 4237, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.44.195.244, DL: 2, Dsts: 1, Pkts: 4238, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.130.53, DL: 2, Dsts: 1, Pkts: 4239, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.134.45.18, DL: 2, Dsts: 10, Pkts: 42446, Unique sigs: 10

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  211.59.201.214, DL: 2, Dsts: 16, Pkts: 240557, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  63.159.80.32, DL: 2, Dsts: 1, Pkts: 1832, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.144.75.21, DL: 2, Dsts: 2, Pkts: 16878, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.122.206.158, DL: 2, Dsts: 1, Pkts: 4251, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.168.179.91, DL: 2, Dsts: 1, Pkts: 15048, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  220.107.142.207, DL: 2, Dsts: 1, Pkts: 15051, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.85.151.156, DL: 2, Dsts: 1, Pkts: 4252, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.43.87.12, DL: 2, Dsts: 1, Pkts: 4254, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  24.78.231.173, DL: 2, Dsts: 1, Pkts: 16886, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.170.243.29, DL: 2, Dsts: 2, Pkts: 30120, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.191.135.19, DL: 2, Dsts: 1, Pkts: 4255, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.36.17.97, DL: 2, Dsts: 4, Pkts: 17030, Unique sigs: 4

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.97.82, DL: 2, Dsts: 1, Pkts: 16899, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.131.13.205, DL: 2, Dsts: 1, Pkts: 4260, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.108.83.156, DL: 2, Dsts: 24, Pkts: 362420, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.172.95.226, DL: 2, Dsts: 7, Pkts: 12881, Unique sigs: 7

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.48.170.78, DL: 2, Dsts: 1, Pkts: 4261, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.229.103.38, DL: 2, Dsts: 1, Pkts: 4262, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.97.59.122, DL: 2, Dsts: 1, Pkts: 4263, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.2.233.3, DL: 2, Dsts: 1, Pkts: 15136, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.20.120.191, DL: 2, Dsts: 1, Pkts: 1845, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.46.193.218, DL: 2, Dsts: 1, Pkts: 4264, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.197.25.90, DL: 2, Dsts: 1, Pkts: 15138, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.16.112.167, DL: 2, Dsts: 23, Pkts: 348842, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  200.206.56.204, DL: 2, Dsts: 1, Pkts: 15194, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  24.215.76.193, DL: 2, Dsts: 1, Pkts: 15197, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  212.23.107.29, DL: 2, Dsts: 1, Pkts: 4265, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.222.166.236, DL: 2, Dsts: 1, Pkts: 4266, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.210.198.249, DL: 2, Dsts: 1, Pkts: 4267, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.195.120.73, DL: 2, Dsts: 1, Pkts: 15200, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.82.198.185, DL: 2, Dsts: 1, Pkts: 4268, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.231.105.221, DL: 2, Dsts: 1, Pkts: 4269, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.63.112.85, DL: 2, Dsts: 1, Pkts: 1846, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.136.1.130, DL: 2, Dsts: 17, Pkts: 258730, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  219.148.129.226, DL: 2, Dsts: 14, Pkts: 59921, Unique sigs: 14

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.143.252.198, DL: 2, Dsts: 1, Pkts: 17086, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.108.16.173, DL: 2, Dsts: 1, Pkts: 4289, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.163.167.30, DL: 2, Dsts: 1, Pkts: 17090, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.225.249, DL: 2, Dsts: 1, Pkts: 17094, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.51.181.57, DL: 2, Dsts: 24, Pkts: 366180, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  4.29.128.223, DL: 2, Dsts: 1, Pkts: 15272, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.21.8.159, DL: 2, Dsts: 1, Pkts: 4290, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.219.59.236, DL: 2, Dsts: 1, Pkts: 4291, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.190.30.90, DL: 2, Dsts: 1, Pkts: 15275, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  209.115.238.18, DL: 2, Dsts: 1, Pkts: 17126, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.136.128.224, DL: 2, Dsts: 1, Pkts: 15279, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  68.78.252.246, DL: 2, Dsts: 1, Pkts: 4292, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.175.79.169, DL: 2, Dsts: 1, Pkts: 4293, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.146.23.24, DL: 2, Dsts: 1, Pkts: 4294, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.123.208.86, DL: 2, Dsts: 1, Pkts: 4295, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.34.162.229, DL: 2, Dsts: 1, Pkts: 4296, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.147.167.99, DL: 2, Dsts: 1, Pkts: 4297, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.147.177.175, DL: 2, Dsts: 2, Pkts: 30566, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  213.22.13.82, DL: 2, Dsts: 1, Pkts: 4298, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.194.175.10, DL: 2, Dsts: 1, Pkts: 1851, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.76.224.23, DL: 2, Dsts: 1, Pkts: 15287, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  64.132.198.14, DL: 2, Dsts: 2, Pkts: 34288, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.233.228.30, DL: 2, Dsts: 1, Pkts: 15294, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  24.205.187.136, DL: 2, Dsts: 24, Pkts: 367956, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  62.117.87.123, DL: 2, Dsts: 1, Pkts: 4299, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.61.145.104, DL: 2, Dsts: 1, Pkts: 1854, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.103.194.195, DL: 2, Dsts: 1, Pkts: 15367, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.58.110.66, DL: 2, Dsts: 1, Pkts: 15368, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  81.136.234.122, DL: 2, Dsts: 1, Pkts: 4300, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.148.53.81, DL: 2, Dsts: 1, Pkts: 4301, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.56.35.10, DL: 2, Dsts: 1, Pkts: 4302, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.102.139.251, DL: 2, Dsts: 1, Pkts: 4303, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.224.75.143, DL: 2, Dsts: 1, Pkts: 4304, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.27.16.130, DL: 2, Dsts: 7, Pkts: 30174, Unique sigs: 7

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.79.184.9, DL: 2, Dsts: 1, Pkts: 1855, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.213.198.25, DL: 2, Dsts: 1, Pkts: 1856, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.168.116.87, DL: 2, Dsts: 1, Pkts: 4316, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.116.76.54, DL: 2, Dsts: 1, Pkts: 17228, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.94.213.150, DL: 2, Dsts: 1, Pkts: 4317, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.68.166.232, DL: 2, Dsts: 3, Pkts: 12978, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.62.177.10, DL: 2, Dsts: 2, Pkts: 34464, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.63.168.31, DL: 2, Dsts: 1, Pkts: 15377, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  200.90.87.148, DL: 2, Dsts: 1, Pkts: 15380, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.85.115.143, DL: 2, Dsts: 1, Pkts: 1860, Unique sigs: 2

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  208.2.147.40, DL: 2, Dsts: 1, Pkts: 4328, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.197.218.56, DL: 2, Dsts: 1, Pkts: 4329, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.242.55.10, DL: 2, Dsts: 24, Pkts: 369840, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  203.115.77.35, DL: 2, Dsts: 1, Pkts: 17294, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.151.244.124, DL: 2, Dsts: 1, Pkts: 4330, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.128.21.241, DL: 2, Dsts: 24, Pkts: 371080, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  64.164.60.131, DL: 2, Dsts: 1, Pkts: 17353, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.83.35.225, DL: 2, Dsts: 24, Pkts: 372679, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  210.22.63.62, DL: 2, Dsts: 24, Pkts: 373968, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.150.43.113, DL: 2, Dsts: 3, Pkts: 5605, Unique sigs: 3

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  61.182.101.71, DL: 2, Dsts: 1, Pkts: 4331, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.193.33.84, DL: 2, Dsts: 1, Pkts: 15608, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.155.200.15, DL: 2, Dsts: 1, Pkts: 4332, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.175.194.84, DL: 2, Dsts: 2, Pkts: 8667, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.73.152.239, DL: 2, Dsts: 1, Pkts: 1873, Unique sigs: 2

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  66.158.22.70, DL: 2, Dsts: 2, Pkts: 3749, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  85.140.25.254, DL: 2, Dsts: 1, Pkts: 4335, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.168.223.79, DL: 2, Dsts: 1, Pkts: 4336, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.254.21.130, DL: 2, Dsts: 1, Pkts: 1876, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.206.74, DL: 2, Dsts: 1, Pkts: 1877, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.34.117, DL: 2, Dsts: 1, Pkts: 4337, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.129.21.137, DL: 2, Dsts: 1, Pkts: 17487, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.155.147.6, DL: 2, Dsts: 1, Pkts: 17489, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.200.228.148, DL: 2, Dsts: 24, Pkts: 375524, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.159.64.145, DL: 2, Dsts: 1, Pkts: 17563, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.18.43.182, DL: 2, Dsts: 1, Pkts: 1881, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.141.177.203, DL: 2, Dsts: 1, Pkts: 4338, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.29.227, DL: 2, Dsts: 1, Pkts: 1882, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.173.226.47, DL: 2, Dsts: 1, Pkts: 1883, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  66.110.209.194, DL: 2, Dsts: 7, Pkts: 13254, Unique sigs: 14

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 1, Sid: 385
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 1, Sid: 385
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 1, Sid: 385
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 4, Sid: 385
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 1, Sid: 385
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 1, Sid: 385

SRC:  218.95.60.97, DL: 2, Dsts: 1, Pkts: 15693, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  217.245.4.68, DL: 2, Dsts: 2, Pkts: 31394, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  210.139.185.126, DL: 2, Dsts: 9, Pkts: 39087, Unique sigs: 9

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.144.46.6, DL: 2, Dsts: 1, Pkts: 15700, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  201.129.192.71, DL: 2, Dsts: 1, Pkts: 4348, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.64, DL: 2, Dsts: 18, Pkts: 78579, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.253.185.51, DL: 2, Dsts: 1, Pkts: 4375, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.233.71.39, DL: 2, Dsts: 1, Pkts: 1901, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.235.96.43, DL: 2, Dsts: 1, Pkts: 1902, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.76.196, DL: 2, Dsts: 2, Pkts: 8753, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.125.47, DL: 2, Dsts: 1, Pkts: 1903, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.111.82.240, DL: 2, Dsts: 1, Pkts: 1904, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.233.90.18, DL: 2, Dsts: 1, Pkts: 4378, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.67.54.189, DL: 2, Dsts: 1, Pkts: 17625, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.107.155.142, DL: 2, Dsts: 1, Pkts: 4379, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.60.98.72, DL: 2, Dsts: 24, Pkts: 378180, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.196.140.78, DL: 2, Dsts: 1, Pkts: 4380, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.16.102.209, DL: 2, Dsts: 1, Pkts: 1906, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.162.145.103, DL: 2, Dsts: 1, Pkts: 15795, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.185.32.134, DL: 2, Dsts: 1, Pkts: 17705, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.130.213.251, DL: 2, Dsts: 1, Pkts: 1908, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  164.77.70.238, DL: 2, Dsts: 1, Pkts: 15801, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  150.101.64.205, DL: 2, Dsts: 1, Pkts: 4381, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.176.90.3, DL: 2, Dsts: 1, Pkts: 4382, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.63.16, DL: 2, Dsts: 1, Pkts: 1909, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.194.232.251, DL: 2, Dsts: 3, Pkts: 13154, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  85.186.42.47, DL: 2, Dsts: 1, Pkts: 1910, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  64.164.44.218, DL: 2, Dsts: 1, Pkts: 4387, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.116.139.160, DL: 2, Dsts: 1, Pkts: 4388, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.134.62.4, DL: 2, Dsts: 6, Pkts: 26356, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.130.96.199, DL: 2, Dsts: 1, Pkts: 15804, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.8.63.143, DL: 2, Dsts: 1, Pkts: 15807, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.87.7.110, DL: 2, Dsts: 1, Pkts: 1911, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.212.44.15, DL: 2, Dsts: 1, Pkts: 4397, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.38.168.236, DL: 2, Dsts: 1, Pkts: 15810, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.117.43.146, DL: 2, Dsts: 24, Pkts: 106569, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  82.74.68.96, DL: 2, Dsts: 1, Pkts: 1912, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.22.11.100, DL: 2, Dsts: 1, Pkts: 1913, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.173.247, DL: 2, Dsts: 1, Pkts: 1914, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.91.249.149, DL: 2, Dsts: 1, Pkts: 4480, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.213.104.126, DL: 2, Dsts: 1, Pkts: 17726, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.192.132.167, DL: 2, Dsts: 1, Pkts: 4481, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.184.95.230, DL: 2, Dsts: 1, Pkts: 1916, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.153.227.229, DL: 2, Dsts: 2, Pkts: 3835, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.234.32.26, DL: 2, Dsts: 1, Pkts: 1919, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.126.79.100, DL: 2, Dsts: 1, Pkts: 4483, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  66.76.78.201, DL: 2, Dsts: 1, Pkts: 17734, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.99.148.204, DL: 2, Dsts: 1, Pkts: 15817, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.220.243.178, DL: 2, Dsts: 1, Pkts: 1921, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.30.231.71, DL: 2, Dsts: 1, Pkts: 4484, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.116.105.23, DL: 2, Dsts: 1, Pkts: 4485, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.139.95.14, DL: 2, Dsts: 7, Pkts: 31423, Unique sigs: 7

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.118.122.95, DL: 2, Dsts: 1, Pkts: 4493, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.27.32.240, DL: 2, Dsts: 1, Pkts: 4494, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.159.197.43, DL: 2, Dsts: 1, Pkts: 1922, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.141.188.153, DL: 2, Dsts: 1, Pkts: 17750, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.89.67.5, DL: 2, Dsts: 1, Pkts: 4495, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.97.93.49, DL: 2, Dsts: 1, Pkts: 4496, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.126.66, DL: 2, Dsts: 1, Pkts: 17754, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.51.72.201, DL: 2, Dsts: 1, Pkts: 15832, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.50.45.37, DL: 2, Dsts: 2, Pkts: 31672, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.191.161.112, DL: 2, Dsts: 1, Pkts: 4497, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.248.101.8, DL: 2, Dsts: 24, Pkts: 380873, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  212.5.92.161, DL: 2, Dsts: 1, Pkts: 1925, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.95.149.150, DL: 2, Dsts: 1, Pkts: 1926, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  66.158.24.2, DL: 2, Dsts: 1, Pkts: 1927, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.218.60.137, DL: 2, Dsts: 24, Pkts: 382524, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  70.112.233.35, DL: 2, Dsts: 1, Pkts: 1928, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.98.122.111, DL: 2, Dsts: 1, Pkts: 4498, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.60.106, DL: 2, Dsts: 1, Pkts: 1929, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.81.171.232, DL: 2, Dsts: 1, Pkts: 17898, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.77.221.3, DL: 2, Dsts: 1, Pkts: 1931, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.201.61, DL: 2, Dsts: 1, Pkts: 1932, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.65.113.91, DL: 2, Dsts: 1, Pkts: 15971, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.184.125.32, DL: 2, Dsts: 1, Pkts: 16012, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.188.64.208, DL: 2, Dsts: 1, Pkts: 1933, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.234.6.186, DL: 2, Dsts: 1, Pkts: 1934, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.105.23.102, DL: 2, Dsts: 1, Pkts: 4499, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.164.98.149, DL: 2, Dsts: 1, Pkts: 16015, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.188.80.24, DL: 2, Dsts: 1, Pkts: 17953, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.139.10.201, DL: 2, Dsts: 1, Pkts: 17957, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.127, DL: 2, Dsts: 3, Pkts: 13504, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  202.176.101.8, DL: 2, Dsts: 1, Pkts: 4504, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.104.179, DL: 2, Dsts: 1, Pkts: 16024, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.28.105, DL: 2, Dsts: 18, Pkts: 81429, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.26.189.158, DL: 2, Dsts: 24, Pkts: 385135, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.18.82.239, DL: 2, Dsts: 1, Pkts: 1937, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.127.5.0, DL: 2, Dsts: 1, Pkts: 4541, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.170.10.216, DL: 2, Dsts: 1, Pkts: 4542, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.131.46, DL: 2, Dsts: 1, Pkts: 4543, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.74.196.12, DL: 2, Dsts: 1, Pkts: 16081, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 80-6129 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  62.194.249.10, DL: 2, Dsts: 5, Pkts: 22730, Unique sigs: 5

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.165.126.86, DL: 2, Dsts: 1, Pkts: 16084, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.145.232.1, DL: 2, Dsts: 24, Pkts: 388400, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (8 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 8, DP: 4899, SYN, Sid: 100204

SRC:  68.191.137.235, DL: 2, Dsts: 1, Pkts: 18213, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.184.93.85, DL: 2, Dsts: 1, Pkts: 1939, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.127.111.13, DL: 2, Dsts: 24, Pkts: 391500, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.32.245.193, DL: 2, Dsts: 1, Pkts: 4549, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.194.54, DL: 2, Dsts: 1, Pkts: 1940, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.122.134.16, DL: 2, Dsts: 1, Pkts: 4550, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.223.70.80, DL: 2, Dsts: 1, Pkts: 4551, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  58.8.250.148, DL: 2, Dsts: 1, Pkts: 4552, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.173.230.27, DL: 2, Dsts: 24, Pkts: 425554, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-80 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 3, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-80 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381

SRC:  202.92.187.126, DL: 2, Dsts: 1, Pkts: 4553, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.35.155.228, DL: 2, Dsts: 1, Pkts: 4554, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.169.240.139, DL: 2, Dsts: 1, Pkts: 1983, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.48.220.63, DL: 2, Dsts: 1, Pkts: 4555, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  199.44.16.225, DL: 2, Dsts: 1, Pkts: 4556, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.129.129.111, DL: 2, Dsts: 1, Pkts: 16550, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  64.59.15.99, DL: 2, Dsts: 1, Pkts: 18535, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.220.46, DL: 2, Dsts: 1, Pkts: 18539, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.183.236.2, DL: 2, Dsts: 23, Pkts: 381224, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077

SRC:  148.240.224.4, DL: 2, Dsts: 24, Pkts: 399424, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  83.177.190.247, DL: 2, Dsts: 1, Pkts: 4557, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.37.145.182, DL: 2, Dsts: 1, Pkts: 4558, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.124.20, DL: 2, Dsts: 1, Pkts: 1986, Unique sigs: 1

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.239.228.38, DL: 2, Dsts: 1, Pkts: 4559, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.22.114, DL: 2, Dsts: 1, Pkts: 1987, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.149.17.1, DL: 2, Dsts: 8, Pkts: 36508, Unique sigs: 8

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.77.168, DL: 2, Dsts: 1, Pkts: 4568, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.243.37.10, DL: 2, Dsts: 2, Pkts: 3977, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.157.226.138, DL: 2, Dsts: 1, Pkts: 16690, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  129.174.61.34, DL: 2, Dsts: 1, Pkts: 18681, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.161.232.40, DL: 2, Dsts: 1, Pkts: 1991, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  62.38.12.86, DL: 2, Dsts: 24, Pkts: 542025, Unique sigs: 47
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.195.0.22, DL: 2, Dsts: 1, Pkts: 17039, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.25.18.207, DL: 2, Dsts: 1, Pkts: 19058, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.210.62.125, DL: 2, Dsts: 1, Pkts: 4638, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.116.28.41, DL: 2, Dsts: 1, Pkts: 19062, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.115.129.26, DL: 2, Dsts: 1, Pkts: 2020, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.153.30.172, DL: 2, Dsts: 2, Pkts: 38244, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.246.38.131, DL: 2, Dsts: 1, Pkts: 2023, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.121.199.130, DL: 2, Dsts: 1, Pkts: 4639, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.95.98.226, DL: 2, Dsts: 1, Pkts: 4640, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.6.175.138, DL: 2, Dsts: 1, Pkts: 4641, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.82.171.70, DL: 2, Dsts: 1, Pkts: 2024, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.216.104.143, DL: 2, Dsts: 1, Pkts: 4642, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.195.196.219, DL: 2, Dsts: 1, Pkts: 4643, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.248.15, DL: 2, Dsts: 1, Pkts: 2025, Unique sigs: 1

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  148.221.24.155, DL: 2, Dsts: 1, Pkts: 4644, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.189.248.193, DL: 2, Dsts: 1, Pkts: 17104, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  12.160.116.98, DL: 2, Dsts: 24, Pkts: 410796, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077

SRC:  222.91.10.214, DL: 2, Dsts: 1, Pkts: 4645, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.170.5.22, DL: 2, Dsts: 1, Pkts: 4646, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.175.198.50, DL: 2, Dsts: 1, Pkts: 2026, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.18.33.103, DL: 2, Dsts: 1, Pkts: 2027, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.46.5.111, DL: 2, Dsts: 1, Pkts: 4647, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.136.78.148, DL: 2, Dsts: 1, Pkts: 4648, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.173.26.195, DL: 2, Dsts: 2, Pkts: 34265, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  217.160.212.95, DL: 2, Dsts: 7, Pkts: 32564, Unique sigs: 7

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.92.49, DL: 2, Dsts: 1, Pkts: 19165, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.11.112.216, DL: 2, Dsts: 1, Pkts: 17141, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  80.57.228.43, DL: 2, Dsts: 1, Pkts: 4656, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.40.55.231, DL: 2, Dsts: 1, Pkts: 4657, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.165.170.115, DL: 2, Dsts: 1, Pkts: 4658, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.124.213.213, DL: 2, Dsts: 24, Pkts: 451323, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (19 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  221.211.123.40, DL: 2, Dsts: 1, Pkts: 19862, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.232.177.27, DL: 2, Dsts: 2, Pkts: 35590, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.1.222.92, DL: 2, Dsts: 1, Pkts: 4659, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.92.195.197, DL: 2, Dsts: 1, Pkts: 2071, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.15.242.179, DL: 2, Dsts: 21, Pkts: 373947, Unique sigs: 21

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.127.7.92, DL: 2, Dsts: 3, Pkts: 13983, Unique sigs: 3

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.1.106.52, DL: 2, Dsts: 4, Pkts: 18662, Unique sigs: 4

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.141.248.30, DL: 2, Dsts: 9, Pkts: 42054, Unique sigs: 9

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.234.222.192, DL: 2, Dsts: 1, Pkts: 4678, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.0.147.216, DL: 2, Dsts: 1, Pkts: 2072, Unique sigs: 2

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  65.147.238.130, DL: 2, Dsts: 1, Pkts: 17830, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-6129 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  11.11.133.42, DL: 2, Dsts: 24, Pkts: 440400, Unique sigs: 24, local IP!

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (30 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 30, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (38 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 38, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1025-1433 (47 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 38, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (47 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 47, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1025-1433 (46 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 43, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (45 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 45, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (37 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 37, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (44 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 44, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (39 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 39, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (57 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 57, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (38 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 38, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (37 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 37, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (53 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 53, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (51 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 51, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1025-1433 (45 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 44, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (37 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 37, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (29 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 29, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (23 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 23, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (41 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 41, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (35 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 35, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (41 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 41, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1025-1433 (41 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 40, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (23 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 23, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1025-1433 (57 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 56, DP: 1433, SYN, Sid: 100205

SRC:  218.41.29.177, DL: 2, Dsts: 1, Pkts: 4679, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.137.165.148, DL: 2, Dsts: 1, Pkts: 20885, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.109.238.42, DL: 2, Dsts: 1, Pkts: 4680, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.218.189.15, DL: 2, Dsts: 1, Pkts: 4681, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.112.98, DL: 2, Dsts: 1, Pkts: 20889, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.64.202.232, DL: 2, Dsts: 24, Pkts: 452231, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.45.199.28, DL: 2, Dsts: 1, Pkts: 4682, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.212.215.216, DL: 2, Dsts: 1, Pkts: 18872, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  84.150.152.117, DL: 2, Dsts: 1, Pkts: 4683, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.94.97.141, DL: 2, Dsts: 1, Pkts: 20948, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.211.224.222, DL: 2, Dsts: 1, Pkts: 4684, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.85.52.70, DL: 2, Dsts: 23, Pkts: 434656, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  219.236.132.144, DL: 2, Dsts: 1, Pkts: 18921, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  81.58.96.211, DL: 2, Dsts: 1, Pkts: 4685, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.149.29.25, DL: 2, Dsts: 7, Pkts: 132575, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.202.24.108, DL: 2, Dsts: 2, Pkts: 37910, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  24.62.104.227, DL: 2, Dsts: 1, Pkts: 4686, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.136.95.120, DL: 2, Dsts: 1, Pkts: 4687, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.63.112, DL: 2, Dsts: 1, Pkts: 2076, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.21.97.197, DL: 2, Dsts: 1, Pkts: 2077, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.252.242.100, DL: 2, Dsts: 4, Pkts: 77938, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139 (3 packets)

SRC:  220.91.154.252, DL: 2, Dsts: 1, Pkts: 18974, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.126.79.85, DL: 2, Dsts: 1, Pkts: 4689, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  211.147.206.199, DL: 2, Dsts: 12, Pkts: 227766, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  66.165.101.114, DL: 2, Dsts: 23, Pkts: 437181, Unique sigs: 23
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  221.127.251.178, DL: 2, Dsts: 1, Pkts: 4690, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.162.81.108, DL: 2, Dsts: 2, Pkts: 9383, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.78.83.20, DL: 2, Dsts: 1, Pkts: 2079, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.144.66.72, DL: 2, Dsts: 2, Pkts: 9387, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.200.150.35, DL: 2, Dsts: 24, Pkts: 456996, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.44.84.90, DL: 2, Dsts: 24, Pkts: 458172, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.205.203.242, DL: 2, Dsts: 8, Pkts: 153067, Unique sigs: 8

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  216.215.202.3, DL: 2, Dsts: 1, Pkts: 21223, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.175.111.130, DL: 2, Dsts: 2, Pkts: 9391, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.74.229.19, DL: 2, Dsts: 2, Pkts: 42452, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  127.0.0.1, DL: 2, Dsts: 24, Pkts: 460045, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  211.99.123.122, DL: 2, Dsts: 1, Pkts: 4697, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.139.211.165, DL: 2, Dsts: 3, Pkts: 14097, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.177.6, DL: 2, Dsts: 1, Pkts: 2083, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.32.75.108, DL: 2, Dsts: 1, Pkts: 4701, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.173.24.182, DL: 2, Dsts: 1, Pkts: 19191, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  192.195.225.6, DL: 2, Dsts: 3, Pkts: 44640, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.131.253.239, DL: 2, Dsts: 1, Pkts: 19195, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  137.65.148.23, DL: 2, Dsts: 1, Pkts: 2087, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.13.194.90, DL: 2, Dsts: 1, Pkts: 19198, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.137.105.4, DL: 2, Dsts: 1, Pkts: 4702, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.224.44.84, DL: 2, Dsts: 1, Pkts: 19199, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  201.6.250.160, DL: 2, Dsts: 1, Pkts: 19201, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  151.204.253.231, DL: 2, Dsts: 1, Pkts: 21292, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.109.211.151, DL: 2, Dsts: 1, Pkts: 19207, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.189.96.85, DL: 2, Dsts: 1, Pkts: 21299, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.234.18.86, DL: 2, Dsts: 24, Pkts: 462723, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (5 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (6 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3389, SYN, Sid: 100077

SRC:  82.207.34.36, DL: 2, Dsts: 1, Pkts: 4703, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.96.232.58, DL: 2, Dsts: 1, Pkts: 21435, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.151.171.150, DL: 2, Dsts: 1, Pkts: 4704, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.147.237.228, DL: 2, Dsts: 1, Pkts: 4705, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.78.100, DL: 2, Dsts: 1, Pkts: 4706, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.234.28.3, DL: 2, Dsts: 1, Pkts: 2091, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.4.149.93, DL: 2, Dsts: 1, Pkts: 2092, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.61.159.112, DL: 2, Dsts: 1, Pkts: 21439, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.33.18.59, DL: 2, Dsts: 1, Pkts: 4707, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.161.58.246, DL: 2, Dsts: 1, Pkts: 21441, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.159.243.194, DL: 2, Dsts: 1, Pkts: 4708, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.137.73.34, DL: 2, Dsts: 1, Pkts: 19348, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  222.181.83.59, DL: 2, Dsts: 24, Pkts: 465105, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  212.87.106.51, DL: 2, Dsts: 1, Pkts: 4709, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.33.38.90, DL: 2, Dsts: 1, Pkts: 2095, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.86.59.228, DL: 2, Dsts: 24, Pkts: 467500, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  204.94.138.129, DL: 2, Dsts: 1, Pkts: 19516, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.75.88.134, DL: 2, Dsts: 1, Pkts: 2097, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  210.21.58.57, DL: 2, Dsts: 1, Pkts: 19519, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.162.63.2, DL: 2, Dsts: 1, Pkts: 4710, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.102.140.128, DL: 2, Dsts: 1, Pkts: 4711, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.90, DL: 2, Dsts: 1, Pkts: 4713, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  67.170.66.150, DL: 2, Dsts: 1, Pkts: 21730, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.17.188.11, DL: 2, Dsts: 1, Pkts: 21734, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.84.149.181, DL: 2, Dsts: 1, Pkts: 4714, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.250.154.92, DL: 2, Dsts: 1, Pkts: 19638, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.141.115.145, DL: 2, Dsts: 1, Pkts: 21739, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.99.100.239, DL: 2, Dsts: 3, Pkts: 14148, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.190.115.15, DL: 2, Dsts: 1, Pkts: 4718, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.8.32.252, DL: 2, Dsts: 2, Pkts: 9439, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.215.132.117, DL: 2, Dsts: 24, Pkts: 472236, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.2.189.137, DL: 2, Dsts: 1, Pkts: 2101, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.182.72.86, DL: 2, Dsts: 1, Pkts: 4721, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.192.100.165, DL: 2, Dsts: 24, Pkts: 473919, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.144.206.94, DL: 2, Dsts: 3, Pkts: 14169, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.164.98.112, DL: 2, Dsts: 1, Pkts: 4725, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.168.55.25, DL: 2, Dsts: 1, Pkts: 19782, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  64.29.130.50, DL: 2, Dsts: 24, Pkts: 475668, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.11.200.44, DL: 2, Dsts: 1, Pkts: 4726, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.220.205, DL: 2, Dsts: 1, Pkts: 2102, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.111.195.9, DL: 2, Dsts: 1, Pkts: 21960, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.102.141.37, DL: 2, Dsts: 2, Pkts: 9455, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.131.31.174, DL: 2, Dsts: 1, Pkts: 19860, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.189.170.86, DL: 2, Dsts: 1, Pkts: 21973, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.225.4, DL: 2, Dsts: 1, Pkts: 2105, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.51.162.240, DL: 2, Dsts: 1, Pkts: 19872, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.126.127.88, DL: 2, Dsts: 3, Pkts: 14190, Unique sigs: 3

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.21.202.143, DL: 2, Dsts: 3, Pkts: 59640, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  202.188.126.66, DL: 2, Dsts: 23, Pkts: 457988, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.173.222.110, DL: 2, Dsts: 4, Pkts: 18934, Unique sigs: 4

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.198.3.20, DL: 2, Dsts: 1, Pkts: 19939, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.152.207.126, DL: 2, Dsts: 24, Pkts: 515954, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (32 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 3, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (21 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (21 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (21 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (21 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381

SRC:  68.191.141.7, DL: 2, Dsts: 1, Pkts: 2155, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.126.139.157, DL: 2, Dsts: 1, Pkts: 4736, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.89.150.58, DL: 2, Dsts: 1, Pkts: 2156, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.97.75.27, DL: 2, Dsts: 2, Pkts: 9475, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.149.94.74, DL: 2, Dsts: 1, Pkts: 20454, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  208.46.133.177, DL: 2, Dsts: 1, Pkts: 22612, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.94.95.82, DL: 2, Dsts: 1, Pkts: 4739, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.128.113.24, DL: 2, Dsts: 1, Pkts: 22614, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.102.12.126, DL: 2, Dsts: 24, Pkts: 491844, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.12.149.118, DL: 2, Dsts: 1, Pkts: 22690, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.208.201.219, DL: 2, Dsts: 1, Pkts: 4740, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.236.57.154, DL: 2, Dsts: 1, Pkts: 20532, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.6.245.151, DL: 2, Dsts: 1, Pkts: 20533, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.225.67.82, DL: 2, Dsts: 3, Pkts: 14226, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.146.168.56, DL: 2, Dsts: 1, Pkts: 20536, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.20.117.117, DL: 2, Dsts: 1, Pkts: 22697, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.187.69.196, DL: 2, Dsts: 1, Pkts: 2161, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  219.149.41.131, DL: 2, Dsts: 3, Pkts: 14235, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.178.222.213, DL: 2, Dsts: 1, Pkts: 20540, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.17.202.31, DL: 2, Dsts: 1, Pkts: 22705, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.145.193.31, DL: 2, Dsts: 1, Pkts: 4747, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.101.71.221, DL: 2, Dsts: 1, Pkts: 2163, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.125.66, DL: 2, Dsts: 1, Pkts: 4748, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.130.40.199, DL: 2, Dsts: 1, Pkts: 20544, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  209.215.86.182, DL: 2, Dsts: 1, Pkts: 2164, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.147.185.112, DL: 2, Dsts: 9, Pkts: 185006, Unique sigs: 7

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  68.61.172.153, DL: 2, Dsts: 1, Pkts: 4749, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.190.80.107, DL: 2, Dsts: 1, Pkts: 22736, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.47.37.117, DL: 2, Dsts: 24, Pkts: 494121, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.173.179.254, DL: 2, Dsts: 1, Pkts: 2166, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  151.30.207.102, DL: 2, Dsts: 1, Pkts: 4750, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.62.104.226, DL: 2, Dsts: 11, Pkts: 52330, Unique sigs: 11

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.178.211, DL: 2, Dsts: 1, Pkts: 4764, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.2.20.87, DL: 2, Dsts: 18, Pkts: 371079, Unique sigs: 18

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  81.70.94.198, DL: 2, Dsts: 1, Pkts: 4765, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.22.75.170, DL: 2, Dsts: 1, Pkts: 2167, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  4.27.251.56, DL: 2, Dsts: 1, Pkts: 4766, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.113.108.202, DL: 2, Dsts: 1, Pkts: 4767, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.167.176.152, DL: 2, Dsts: 1, Pkts: 4768, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.40.31.64, DL: 2, Dsts: 1, Pkts: 2168, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.15, DL: 2, Dsts: 1, Pkts: 4769, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.104.223.45, DL: 2, Dsts: 1, Pkts: 4770, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.196.69.187, DL: 2, Dsts: 24, Pkts: 495876, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  219.78.46.231, DL: 2, Dsts: 24, Pkts: 497604, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.94.61.217, DL: 2, Dsts: 1, Pkts: 20771, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.6.108.93, DL: 2, Dsts: 1, Pkts: 4771, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.76.15.49, DL: 2, Dsts: 24, Pkts: 498995, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  63.195.123.173, DL: 2, Dsts: 23, Pkts: 480746, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (12 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (7 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (15 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-139 (12 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (12 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (12 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (14 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-139 (15 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (12 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (8 packets)

SRC:  151.38.101.148, DL: 2, Dsts: 1, Pkts: 4772, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.95.174.81, DL: 2, Dsts: 23, Pkts: 483690, Unique sigs: 23
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  24.119.147.70, DL: 2, Dsts: 1, Pkts: 23233, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.180.224.39, DL: 2, Dsts: 1, Pkts: 21066, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.43.3.167, DL: 2, Dsts: 1, Pkts: 4773, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.180.212.186, DL: 2, Dsts: 1, Pkts: 4774, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.98.191.73, DL: 2, Dsts: 12, Pkts: 253026, Unique sigs: 12

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.232.144.73, DL: 2, Dsts: 3, Pkts: 6513, Unique sigs: 3

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.207.218.69, DL: 2, Dsts: 2, Pkts: 42235, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80-6129 (25 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  68.136.22.77, DL: 2, Dsts: 1, Pkts: 4775, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.80.5.203, DL: 2, Dsts: 1, Pkts: 21245, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1025-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.190.160.118, DL: 2, Dsts: 1, Pkts: 4776, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  141.158.18.92, DL: 2, Dsts: 1, Pkts: 4777, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.1.202.31, DL: 2, Dsts: 1, Pkts: 21248, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.106.185.203, DL: 2, Dsts: 1, Pkts: 2173, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.127.177.185, DL: 2, Dsts: 6, Pkts: 28683, Unique sigs: 6

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.79.118, DL: 2, Dsts: 1, Pkts: 4784, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.79.221.75, DL: 2, Dsts: 1, Pkts: 4785, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.190.200.77, DL: 2, Dsts: 1, Pkts: 2174, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.188.72.11, DL: 2, Dsts: 1, Pkts: 2175, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.112.220.199, DL: 2, Dsts: 1, Pkts: 4786, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.132.176.78, DL: 2, Dsts: 1, Pkts: 4787, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.189.162.122, DL: 2, Dsts: 2, Pkts: 4353, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.191.107.242, DL: 2, Dsts: 1, Pkts: 4788, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.203.69.82, DL: 2, Dsts: 1, Pkts: 21251, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  63.28.165.164, DL: 2, Dsts: 1, Pkts: 2178, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.49.85.185, DL: 2, Dsts: 1, Pkts: 21254, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.43.205.83, DL: 2, Dsts: 24, Pkts: 510692, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  68.193.33.34, DL: 2, Dsts: 1, Pkts: 4789, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.136.183.243, DL: 2, Dsts: 11, Pkts: 52745, Unique sigs: 11

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.171.199.116, DL: 2, Dsts: 1, Pkts: 23481, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.10.81.10, DL: 2, Dsts: 1, Pkts: 4801, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  157.91.48.216, DL: 2, Dsts: 2, Pkts: 4361, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.128.138.203, DL: 2, Dsts: 1, Pkts: 4802, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.11.15.243, DL: 2, Dsts: 1, Pkts: 4803, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.184.166.178, DL: 2, Dsts: 1, Pkts: 21305, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.61.8.78, DL: 2, Dsts: 1, Pkts: 23494, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.194.100.27, DL: 2, Dsts: 9, Pkts: 43272, Unique sigs: 9

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.156.14.10, DL: 2, Dsts: 1, Pkts: 21315, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  167.7.184.200, DL: 2, Dsts: 1, Pkts: 2185, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  60.40.70.25, DL: 2, Dsts: 1, Pkts: 4813, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.76.162.33, DL: 2, Dsts: 24, Pkts: 513360, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204

SRC:  219.145.202.184, DL: 2, Dsts: 1, Pkts: 4814, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.124.251, DL: 2, Dsts: 2, Pkts: 9631, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.115.42.179, DL: 2, Dsts: 1, Pkts: 4817, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.183.74.70, DL: 2, Dsts: 1, Pkts: 4818, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  59.23.111.114, DL: 2, Dsts: 1, Pkts: 21462, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.126.79.69, DL: 2, Dsts: 1, Pkts: 4820, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  24.79.144.16, DL: 2, Dsts: 1, Pkts: 2186, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.237.240.2, DL: 2, Dsts: 1, Pkts: 4821, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.148.191.50, DL: 2, Dsts: 1, Pkts: 21490, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-1433 (28 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.126.79.70, DL: 2, Dsts: 1, Pkts: 4823, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  143.101.237.211, DL: 2, Dsts: 1, Pkts: 2187, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.137.233.27, DL: 2, Dsts: 1, Pkts: 2188, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  152.13.89.44, DL: 2, Dsts: 5, Pkts: 24130, Unique sigs: 5

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.173.242.2, DL: 2, Dsts: 1, Pkts: 2189, Unique sigs: 2

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.18.71.98, DL: 2, Dsts: 2, Pkts: 4381, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.186.220.25, DL: 2, Dsts: 1, Pkts: 4829, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.2.111.70, DL: 2, Dsts: 2, Pkts: 9661, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.217.37.115, DL: 2, Dsts: 1, Pkts: 4832, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.184.165.120, DL: 2, Dsts: 1, Pkts: 2192, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.182.149.179, DL: 2, Dsts: 1, Pkts: 23684, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.31.254.42, DL: 2, Dsts: 1, Pkts: 2194, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.212.186.12, DL: 2, Dsts: 1, Pkts: 21494, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.127.31.187, DL: 2, Dsts: 1, Pkts: 4833, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.173.221.58, DL: 2, Dsts: 1, Pkts: 4834, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.230.14.93, DL: 2, Dsts: 1, Pkts: 2195, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.188.80.47, DL: 2, Dsts: 1, Pkts: 23693, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.109.117.8, DL: 2, Dsts: 1, Pkts: 21500, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.41.254.190, DL: 2, Dsts: 1, Pkts: 4835, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.61.88.122, DL: 2, Dsts: 1, Pkts: 4836, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.134.74.248, DL: 2, Dsts: 1, Pkts: 23704, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.33.29.71, DL: 2, Dsts: 1, Pkts: 4837, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.146.27.79, DL: 2, Dsts: 1, Pkts: 4838, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.94.217.135, DL: 2, Dsts: 1, Pkts: 4839, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.68.189.88, DL: 2, Dsts: 1, Pkts: 21509, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.188.72.10, DL: 2, Dsts: 1, Pkts: 21529, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-1025 (20 packets)

SRC:  206.169.197.39, DL: 2, Dsts: 1, Pkts: 2198, Unique sigs: 2

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  65.43.64.238, DL: 2, Dsts: 1, Pkts: 2199, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.6.126, DL: 2, Dsts: 1, Pkts: 2200, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.9.84.7, DL: 2, Dsts: 1, Pkts: 21532, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.64.61.55, DL: 2, Dsts: 1, Pkts: 4840, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.77.65.204, DL: 2, Dsts: 1, Pkts: 4841, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.101.77.205, DL: 2, Dsts: 1, Pkts: 4842, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.219.62.41, DL: 2, Dsts: 7, Pkts: 33922, Unique sigs: 7

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.133.199.216, DL: 2, Dsts: 1, Pkts: 4850, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.251.170.194, DL: 2, Dsts: 1, Pkts: 4851, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.116.152.61, DL: 2, Dsts: 1, Pkts: 23736, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.90.233.155, DL: 2, Dsts: 1, Pkts: 23738, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.140.204.141, DL: 2, Dsts: 2, Pkts: 9705, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.42.234.58, DL: 2, Dsts: 1, Pkts: 2203, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.146.57.35, DL: 2, Dsts: 1, Pkts: 2204, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.162.198.246, DL: 2, Dsts: 1, Pkts: 2205, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.246.167.50, DL: 2, Dsts: 3, Pkts: 64626, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.209.81.253, DL: 2, Dsts: 6, Pkts: 129301, Unique sigs: 6
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  200.147.42.67, DL: 2, Dsts: 1, Pkts: 21555, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  12.110.19.136, DL: 2, Dsts: 1, Pkts: 23762, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.127.31.200, DL: 2, Dsts: 2, Pkts: 9709, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.73.50.207, DL: 2, Dsts: 1, Pkts: 21558, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.93.103.135, DL: 2, Dsts: 1, Pkts: 23768, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.91.96.231, DL: 2, Dsts: 1, Pkts: 2208, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.252.32.249, DL: 2, Dsts: 1, Pkts: 2209, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.201.91.214, DL: 2, Dsts: 1, Pkts: 2210, Unique sigs: 2

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  212.14.12.194, DL: 2, Dsts: 5, Pkts: 24290, Unique sigs: 5

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.84.124.153, DL: 2, Dsts: 23, Pkts: 547561, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  24.178.82.18, DL: 2, Dsts: 1, Pkts: 2257, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.209.195.217, DL: 2, Dsts: 2, Pkts: 9723, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.58.17.59, DL: 2, Dsts: 1, Pkts: 21624, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.88.160.101, DL: 2, Dsts: 2, Pkts: 4521, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  62.179.189.226, DL: 2, Dsts: 1, Pkts: 4863, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.157.95.96, DL: 2, Dsts: 1, Pkts: 2263, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.7.41.42, DL: 2, Dsts: 2, Pkts: 43257, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.253.68.205, DL: 2, Dsts: 1, Pkts: 4864, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.144.232.254, DL: 2, Dsts: 1, Pkts: 2264, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.136.214.93, DL: 2, Dsts: 2, Pkts: 9731, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.67.33, DL: 2, Dsts: 1, Pkts: 21633, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.162.230.204, DL: 2, Dsts: 1, Pkts: 21634, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.155.184.31, DL: 2, Dsts: 2, Pkts: 23902, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  172.158.45.162, DL: 2, Dsts: 1, Pkts: 4867, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.68.156.234, DL: 2, Dsts: 1, Pkts: 23904, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.90.160.250, DL: 2, Dsts: 1, Pkts: 2267, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.0.209.111, DL: 2, Dsts: 1, Pkts: 21639, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.107.148.24, DL: 2, Dsts: 24, Pkts: 519936, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.185.75.32, DL: 2, Dsts: 1, Pkts: 4868, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.190.81.13, DL: 2, Dsts: 1, Pkts: 23958, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.165.207.80, DL: 2, Dsts: 1, Pkts: 2269, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.0.99.22, DL: 2, Dsts: 1, Pkts: 4869, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.65.243.46, DL: 2, Dsts: 1, Pkts: 4870, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.169.11, DL: 2, Dsts: 4, Pkts: 19494, Unique sigs: 4

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.133.132.144, DL: 2, Dsts: 1, Pkts: 21692, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  211.195.249.128, DL: 2, Dsts: 1, Pkts: 2270, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  217.104.36.112, DL: 2, Dsts: 1, Pkts: 4876, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.24.139.6, DL: 2, Dsts: 24, Pkts: 521254, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  70.27.238.24, DL: 2, Dsts: 24, Pkts: 574870, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3306 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-3306 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.85.107.238, DL: 2, Dsts: 7, Pkts: 34160, Unique sigs: 7

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.104.137.150, DL: 2, Dsts: 1, Pkts: 24084, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.125.87.211, DL: 2, Dsts: 24, Pkts: 523860, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  24.19.4.111, DL: 2, Dsts: 1, Pkts: 4884, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.104.120.241, DL: 2, Dsts: 1, Pkts: 2295, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  69.90.42.126, DL: 2, Dsts: 1, Pkts: 4885, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.179.222.215, DL: 2, Dsts: 1, Pkts: 2296, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.206.114.77, DL: 2, Dsts: 1, Pkts: 4886, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.158.224.70, DL: 2, Dsts: 1, Pkts: 4887, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.77.26.43, DL: 2, Dsts: 1, Pkts: 21864, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.168.88.3, DL: 2, Dsts: 1, Pkts: 2297, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.203.244.142, DL: 2, Dsts: 1, Pkts: 4888, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.30.160, DL: 2, Dsts: 1, Pkts: 2298, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.28.46.144, DL: 2, Dsts: 1, Pkts: 21867, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.72.28.222, DL: 2, Dsts: 1, Pkts: 21870, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.83.155.77, DL: 2, Dsts: 24, Pkts: 119298, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1027, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1027, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1027, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196

SRC:  209.80.136.4, DL: 2, Dsts: 3, Pkts: 28771, Unique sigs: 3

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.21.80.114, DL: 2, Dsts: 1, Pkts: 5042, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.13.26.144, DL: 2, Dsts: 1, Pkts: 2302, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.47.133.16, DL: 2, Dsts: 1, Pkts: 5043, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.173.7.234, DL: 2, Dsts: 1, Pkts: 2303, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.241.99.107, DL: 2, Dsts: 1, Pkts: 21874, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  161.2.67.31, DL: 2, Dsts: 1, Pkts: 2304, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.115.143.59, DL: 2, Dsts: 1, Pkts: 5044, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.7.55.15, DL: 2, Dsts: 1, Pkts: 5045, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.37.88.136, DL: 2, Dsts: 1, Pkts: 2305, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.90.238.254, DL: 2, Dsts: 1, Pkts: 2306, Unique sigs: 1

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.172.177.105, DL: 2, Dsts: 1, Pkts: 2307, Unique sigs: 2

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  82.145.136.200, DL: 2, Dsts: 1, Pkts: 21877, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.145.138.252, DL: 2, Dsts: 1, Pkts: 5046, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.174.102.79, DL: 2, Dsts: 1, Pkts: 24269, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.166.188.46, DL: 2, Dsts: 1, Pkts: 5047, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.128.22, DL: 2, Dsts: 2, Pkts: 4619, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.14.199.237, DL: 2, Dsts: 2, Pkts: 10097, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.5.174.25, DL: 2, Dsts: 1, Pkts: 24273, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.15.140.130, DL: 2, Dsts: 1, Pkts: 2312, Unique sigs: 2

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.12.129.210, DL: 2, Dsts: 1, Pkts: 5050, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.205.190.59, DL: 2, Dsts: 1, Pkts: 5051, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.17.27.70, DL: 2, Dsts: 2, Pkts: 10105, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.77.229.171, DL: 2, Dsts: 19, Pkts: 417673, Unique sigs: 19
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  61.144.102.191, DL: 2, Dsts: 1, Pkts: 2313, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.89.60.117, DL: 2, Dsts: 1, Pkts: 5054, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.161.70.111, DL: 2, Dsts: 1, Pkts: 2315, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  222.33.95.96, DL: 2, Dsts: 1, Pkts: 22006, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.136.35.182, DL: 2, Dsts: 1, Pkts: 5055, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.17.79.12, DL: 2, Dsts: 1, Pkts: 2316, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.21.6.205, DL: 2, Dsts: 3, Pkts: 15171, Unique sigs: 3

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.212.100.193, DL: 2, Dsts: 1, Pkts: 5059, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.237.4.43, DL: 2, Dsts: 1, Pkts: 5060, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.185.205.78, DL: 2, Dsts: 1, Pkts: 22009, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.102.12.34, DL: 2, Dsts: 1, Pkts: 22011, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  210.74.38.100, DL: 2, Dsts: 1, Pkts: 22013, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  208.62.80.200, DL: 2, Dsts: 1, Pkts: 24331, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.197.49.61, DL: 2, Dsts: 24, Pkts: 601683, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 35, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 35, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (51 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 34, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 34, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (27 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 30, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 30, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 32, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 32, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 30, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 30, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (28 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (49 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 34, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 34, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (31 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (18 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 33, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 33, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (21 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 29, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 29, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (28 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (30 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 26, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 26, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (20 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (33 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 27, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 27, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (18 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 32, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 32, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (26 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 24, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 24, Sid: 381
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 28, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 28, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (17 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 33, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 33, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (40 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 32, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 32, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (62 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 31, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 31, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (11 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 34, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 34, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-445 (32 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 27, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 27, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (22 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 33, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 33, Sid: 381

SRC:  70.115.52.132, DL: 2, Dsts: 1, Pkts: 25722, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.109.210.230, DL: 2, Dsts: 1, Pkts: 3058, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.248.167.132, DL: 2, Dsts: 24, Pkts: 544860, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  208.182.220.1, DL: 2, Dsts: 2, Pkts: 6121, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.25.160.239, DL: 2, Dsts: 1, Pkts: 22741, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1080-3128 (4 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  61.1.108.159, DL: 2, Dsts: 1, Pkts: 22744, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  168.234.251.64, DL: 2, Dsts: 1, Pkts: 5061, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.81.91.118, DL: 2, Dsts: 24, Pkts: 546756, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  211.216.29.43, DL: 2, Dsts: 24, Pkts: 547884, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  207.38.200.198, DL: 2, Dsts: 1, Pkts: 5062, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.185.27.145, DL: 2, Dsts: 1, Pkts: 25903, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.173.231.86, DL: 2, Dsts: 1, Pkts: 22850, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.187.77.221, DL: 2, Dsts: 4, Pkts: 20258, Unique sigs: 4

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.70.48.152, DL: 2, Dsts: 1, Pkts: 5067, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.161.52.118, DL: 2, Dsts: 1, Pkts: 22851, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  222.145.151.231, DL: 2, Dsts: 1, Pkts: 5068, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.203.37.148, DL: 2, Dsts: 1, Pkts: 5069, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.109.3.10, DL: 2, Dsts: 24, Pkts: 740674, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1-5093 (3 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1 (2 packets)
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1-5093 (4 packets)
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  218.28.1.162, DL: 2, Dsts: 20, Pkts: 458352, Unique sigs: 20

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.15.25.124, DL: 2, Dsts: 18, Pkts: 413001, Unique sigs: 18

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  84.65.152.26, DL: 2, Dsts: 1, Pkts: 5149, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.228.204.107, DL: 2, Dsts: 1, Pkts: 22954, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  24.234.222.173, DL: 2, Dsts: 1, Pkts: 26066, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.94.218.201, DL: 2, Dsts: 1, Pkts: 5150, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.69.171.114, DL: 2, Dsts: 1, Pkts: 22958, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.56.238.195, DL: 2, Dsts: 1, Pkts: 5151, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.169.32.98, DL: 2, Dsts: 2, Pkts: 6225, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  144.16.89.240, DL: 2, Dsts: 1, Pkts: 3114, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.233.190.58, DL: 2, Dsts: 1, Pkts: 22960, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  67.95.77.87, DL: 2, Dsts: 24, Pkts: 551582, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.17.32.114, DL: 2, Dsts: 1, Pkts: 26121, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.76.139.18, DL: 2, Dsts: 2, Pkts: 29240, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.238.110.100, DL: 2, Dsts: 24, Pkts: 553060, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.12.131.197, DL: 2, Dsts: 1, Pkts: 5152, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.94.41.89, DL: 2, Dsts: 2, Pkts: 29317, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  210.245.236.79, DL: 2, Dsts: 1, Pkts: 26203, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.182.202.67, DL: 2, Dsts: 23, Pkts: 118976, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.127.116.79, DL: 2, Dsts: 1, Pkts: 26205, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.130.153, DL: 2, Dsts: 1, Pkts: 5192, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.89.201.75, DL: 2, Dsts: 1, Pkts: 23086, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  60.63.173.209, DL: 2, Dsts: 1, Pkts: 23087, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077

SRC:  61.141.173.108, DL: 2, Dsts: 2, Pkts: 46181, Unique sigs: 2

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.192.25.183, DL: 2, Dsts: 1, Pkts: 23094, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  207.243.156.65, DL: 2, Dsts: 1, Pkts: 26218, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.92.190, DL: 2, Dsts: 1, Pkts: 3124, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.197.127.110, DL: 2, Dsts: 7, Pkts: 36372, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.97.81.225, DL: 2, Dsts: 2, Pkts: 6251, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.20.223.81, DL: 2, Dsts: 1, Pkts: 3127, Unique sigs: 1

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.191.136.122, DL: 2, Dsts: 1, Pkts: 26226, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.88.70, DL: 2, Dsts: 1, Pkts: 3129, Unique sigs: 1

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  85.96.152.142, DL: 2, Dsts: 1, Pkts: 5200, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.88.211, DL: 2, Dsts: 1, Pkts: 3130, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.126.67.127, DL: 2, Dsts: 2, Pkts: 10403, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.32.89.18, DL: 2, Dsts: 24, Pkts: 555843, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  24.96.77.210, DL: 2, Dsts: 1, Pkts: 5203, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.124.156.58, DL: 2, Dsts: 1, Pkts: 5204, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.57.225.39, DL: 2, Dsts: 1, Pkts: 5205, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.60.120, DL: 2, Dsts: 1, Pkts: 23219, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.220.168.235, DL: 2, Dsts: 1, Pkts: 5206, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.12.231.150, DL: 2, Dsts: 20, Pkts: 104511, Unique sigs: 20

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  202.69.97.158, DL: 2, Dsts: 1, Pkts: 3131, Unique sigs: 2

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  62.150.64.62, DL: 2, Dsts: 1, Pkts: 5245, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.233.130.72, DL: 2, Dsts: 5, Pkts: 26254, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  205.177.74.11, DL: 2, Dsts: 3, Pkts: 15768, Unique sigs: 3

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.49.98.142, DL: 2, Dsts: 1, Pkts: 5258, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  204.97.197.192, DL: 2, Dsts: 1, Pkts: 23221, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  67.153.30.173, DL: 2, Dsts: 2, Pkts: 52716, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.19.216.2, DL: 2, Dsts: 2, Pkts: 52732, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.153.71.0, DL: 2, Dsts: 1, Pkts: 3136, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.41.154.130, DL: 2, Dsts: 24, Pkts: 558492, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  159.134.195.100, DL: 2, Dsts: 3, Pkts: 15780, Unique sigs: 3

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.8.217.62, DL: 2, Dsts: 1, Pkts: 5262, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  196.14.169.11, DL: 2, Dsts: 1, Pkts: 3137, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.19.217.21, DL: 2, Dsts: 1, Pkts: 5263, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  165.165.49.214, DL: 2, Dsts: 2, Pkts: 10529, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.113.13.99, DL: 2, Dsts: 1, Pkts: 23307, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (2 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 2, DP: 31105, SYN, Sid: 2182

SRC:  206.48.58.3, DL: 2, Dsts: 1, Pkts: 5266, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.220.86.4, DL: 2, Dsts: 1, Pkts: 26446, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.198.245.245, DL: 2, Dsts: 1, Pkts: 26448, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.91.44.56, DL: 2, Dsts: 1, Pkts: 5267, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.32.168, DL: 2, Dsts: 1, Pkts: 5268, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.146.57.34, DL: 2, Dsts: 1, Pkts: 3140, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.126.26.83, DL: 2, Dsts: 23, Pkts: 537998, Unique sigs: 38

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 901-27374 (4 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 12345 (1 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 901-27374 (6 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 12345 (1 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 901-12345 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 901-12345 (2 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 901-27374 (4 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 12345 (2 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 27374 (1 packets)
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 901-27374 (8 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 901-3410 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 12345-27374 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207

SRC:  68.254.147.60, DL: 2, Dsts: 1, Pkts: 5269, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.77.129, DL: 2, Dsts: 1, Pkts: 3141, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.89.65, DL: 2, Dsts: 1, Pkts: 3143, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  134.129.51.89, DL: 2, Dsts: 1, Pkts: 5270, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.150.186.207, DL: 2, Dsts: 1, Pkts: 3144, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.43.32.104, DL: 2, Dsts: 1, Pkts: 26617, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.187.133.61, DL: 2, Dsts: 1, Pkts: 3146, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.3.230.131, DL: 2, Dsts: 2, Pkts: 53248, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.186.19.70, DL: 2, Dsts: 1, Pkts: 3149, Unique sigs: 2

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.145.248.24, DL: 2, Dsts: 1, Pkts: 23481, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  80.175.242.33, DL: 2, Dsts: 24, Pkts: 564437, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  211.172.33.120, DL: 2, Dsts: 1, Pkts: 23558, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.125.66.213, DL: 2, Dsts: 1, Pkts: 26711, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.126.105.73, DL: 2, Dsts: 1, Pkts: 5271, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.10.126.28, DL: 2, Dsts: 1, Pkts: 3151, Unique sigs: 2

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  200.90.201.167, DL: 2, Dsts: 1, Pkts: 23563, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.12.129.149, DL: 2, Dsts: 1, Pkts: 5272, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.22.241.56, DL: 2, Dsts: 2, Pkts: 10547, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.206.168.237, DL: 2, Dsts: 1, Pkts: 23564, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.147.178.237, DL: 2, Dsts: 1, Pkts: 26717, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.166.217.72, DL: 2, Dsts: 1, Pkts: 5275, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.230.159.106, DL: 2, Dsts: 1, Pkts: 5276, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.208.2.1, DL: 2, Dsts: 1, Pkts: 26719, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.166.134.212, DL: 2, Dsts: 24, Pkts: 566468, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.82.236.245, DL: 2, Dsts: 22, Pkts: 520245, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  220.111.105.233, DL: 2, Dsts: 1, Pkts: 5277, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.225.167.130, DL: 2, Dsts: 1, Pkts: 5278, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.95, DL: 2, Dsts: 1, Pkts: 5279, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.254.54.41, DL: 2, Dsts: 1, Pkts: 23667, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.191.251.239, DL: 2, Dsts: 1, Pkts: 5280, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.5.16.106, DL: 2, Dsts: 1, Pkts: 23670, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.74.61, DL: 2, Dsts: 1, Pkts: 3154, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.202.185.113, DL: 2, Dsts: 2, Pkts: 10563, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.1.175.99, DL: 2, Dsts: 1, Pkts: 5283, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.23.63.218, DL: 2, Dsts: 1, Pkts: 23673, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.163.167.28, DL: 2, Dsts: 1, Pkts: 3155, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.194.135.23, DL: 2, Dsts: 1, Pkts: 5284, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.113.106, DL: 2, Dsts: 1, Pkts: 3156, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.125.130.217, DL: 2, Dsts: 1, Pkts: 3157, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.202.196.149, DL: 2, Dsts: 6, Pkts: 31726, Unique sigs: 6

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  172.161.13.226, DL: 2, Dsts: 1, Pkts: 23676, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.40.17.147, DL: 2, Dsts: 1, Pkts: 23679, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.16.19.200, DL: 2, Dsts: 1, Pkts: 23680, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  24.178.173.150, DL: 2, Dsts: 24, Pkts: 569220, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.17.82.226, DL: 2, Dsts: 1, Pkts: 5292, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.196.90, DL: 2, Dsts: 2, Pkts: 50671, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  129.82.85.238, DL: 2, Dsts: 1, Pkts: 3159, Unique sigs: 2

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  201.240.47.28, DL: 2, Dsts: 2, Pkts: 47525, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.153.94.44, DL: 2, Dsts: 2, Pkts: 6321, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.187.75.182, DL: 2, Dsts: 1, Pkts: 23766, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  163.195.132.14, DL: 2, Dsts: 24, Pkts: 571003, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084

SRC:  222.144.207.221, DL: 2, Dsts: 1, Pkts: 5293, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.133.137.45, DL: 2, Dsts: 1, Pkts: 26991, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.40.169.191, DL: 2, Dsts: 1, Pkts: 23831, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  60.39.194.236, DL: 2, Dsts: 1, Pkts: 5294, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.219.64, DL: 2, Dsts: 1, Pkts: 3163, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.170.10.215, DL: 2, Dsts: 1, Pkts: 3164, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.97.234.206, DL: 2, Dsts: 1, Pkts: 5295, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.13.34, DL: 2, Dsts: 1, Pkts: 3165, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.8.206.121, DL: 2, Dsts: 1, Pkts: 26998, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.190.92.20, DL: 2, Dsts: 16, Pkts: 86091, Unique sigs: 16

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (26 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 26, DP: 1027, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (17 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 17, DP: 1027, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (13 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 13, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1027 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1027, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1027, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026-1027 (21 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 21, DP: 1027, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (17 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 17, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1027 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1027, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1027, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196

SRC:  218.77.183.76, DL: 2, Dsts: 1, Pkts: 23835, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.192.34.221, DL: 2, Dsts: 1, Pkts: 5441, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.206.160.184, DL: 2, Dsts: 1, Pkts: 23838, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.16.80.78, DL: 2, Dsts: 1, Pkts: 5442, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.77.160, DL: 2, Dsts: 1, Pkts: 5443, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  158.59.26.2, DL: 2, Dsts: 2, Pkts: 54016, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.247.190.244, DL: 2, Dsts: 3, Pkts: 71550, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  221.138.126.154, DL: 2, Dsts: 1, Pkts: 23857, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.170.159.6, DL: 2, Dsts: 1, Pkts: 27033, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.93.25.237, DL: 2, Dsts: 24, Pkts: 573636, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.190.55.111, DL: 2, Dsts: 8, Pkts: 43585, Unique sigs: 8

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.177.58, DL: 2, Dsts: 8, Pkts: 43652, Unique sigs: 8

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.144.40.122, DL: 2, Dsts: 1, Pkts: 23937, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  211.20.249.28, DL: 2, Dsts: 1, Pkts: 5461, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.29.167.160, DL: 2, Dsts: 1, Pkts: 5462, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.49.102.191, DL: 2, Dsts: 1, Pkts: 5463, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.13.208, DL: 2, Dsts: 2, Pkts: 10929, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.143, DL: 2, Dsts: 3, Pkts: 16401, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.142.203.41, DL: 2, Dsts: 1, Pkts: 5469, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.222.84.162, DL: 2, Dsts: 1, Pkts: 3170, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.216.10.199, DL: 2, Dsts: 1, Pkts: 3171, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.60.174, DL: 2, Dsts: 1, Pkts: 3172, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.84.191.202, DL: 2, Dsts: 1, Pkts: 23940, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.181.16.187, DL: 2, Dsts: 24, Pkts: 575460, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.248.30.121, DL: 2, Dsts: 1, Pkts: 24015, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.124.118.30, DL: 2, Dsts: 1, Pkts: 5470, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.174.10.126, DL: 2, Dsts: 1, Pkts: 27189, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.9.11.28, DL: 2, Dsts: 1, Pkts: 3174, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.84.10.28, DL: 2, Dsts: 1, Pkts: 24019, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.99.96.32, DL: 2, Dsts: 11, Pkts: 264407, Unique sigs: 11

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  203.72.21.45, DL: 2, Dsts: 1, Pkts: 3175, Unique sigs: 2

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  192.0.1.13, DL: 2, Dsts: 1, Pkts: 5471, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.35.83.91, DL: 2, Dsts: 2, Pkts: 10945, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  204.210.178.153, DL: 2, Dsts: 2, Pkts: 10949, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.26.12.96, DL: 2, Dsts: 1, Pkts: 3176, Unique sigs: 1

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.199.118.55, DL: 2, Dsts: 2, Pkts: 10953, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.235.201.68, DL: 2, Dsts: 1, Pkts: 5478, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.191.78.150, DL: 2, Dsts: 1, Pkts: 5479, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.223.126, DL: 2, Dsts: 24, Pkts: 132212, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.113.73.12, DL: 2, Dsts: 1, Pkts: 3177, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.124.148.149, DL: 2, Dsts: 2, Pkts: 6357, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.132.242.227, DL: 2, Dsts: 1, Pkts: 27310, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.0.19.11, DL: 2, Dsts: 8, Pkts: 44324, Unique sigs: 8

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.247.30.77, DL: 2, Dsts: 1, Pkts: 5545, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.193.54.151, DL: 2, Dsts: 1, Pkts: 27314, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.94.61.187, DL: 2, Dsts: 24, Pkts: 580092, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.137.159.20, DL: 2, Dsts: 1, Pkts: 24208, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  203.83.170.141, DL: 2, Dsts: 1, Pkts: 24211, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.187.197.175, DL: 2, Dsts: 1, Pkts: 3182, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.154.103.182, DL: 2, Dsts: 23, Pkts: 630867, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  81.192.179.181, DL: 2, Dsts: 1, Pkts: 5546, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.214.2.201, DL: 2, Dsts: 21, Pkts: 509427, Unique sigs: 21

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  218.13.188.221, DL: 2, Dsts: 1, Pkts: 24279, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.184.251.66, DL: 2, Dsts: 1, Pkts: 24281, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.180.78.67, DL: 2, Dsts: 1, Pkts: 3229, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.117.33.98, DL: 2, Dsts: 1, Pkts: 5547, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.94.56.206, DL: 2, Dsts: 24, Pkts: 583644, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  219.79.126.65, DL: 2, Dsts: 1, Pkts: 24356, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.188.68.191, DL: 2, Dsts: 1, Pkts: 3230, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.248.80.102, DL: 2, Dsts: 1, Pkts: 29970, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 7-43981 (53 packets)
        Scanned ports: FORWARD br0 tcp 68-32783 (14 packets)
        Signature match: "POLICY vncviewer Java applet communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5802, SYN, Sid: 1846
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
        Signature match: "RPC portmap listing UDP 32771" (udp), Chain: FORWARD, Count: 1, DP: 32771, Sid: 1281

SRC:  218.189.138.131, DL: 2, Dsts: 1, Pkts: 5601, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.247.201.9, DL: 2, Dsts: 1, Pkts: 3231, Unique sigs: 2

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  62.46.164.91, DL: 2, Dsts: 1, Pkts: 5602, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.66.20.93, DL: 2, Dsts: 1, Pkts: 5603, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.178.110.71, DL: 2, Dsts: 1, Pkts: 5604, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.109.122.41, DL: 2, Dsts: 1, Pkts: 24373, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 407-3128 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  200.182.115.82, DL: 2, Dsts: 2, Pkts: 11211, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  85.70.45.59, DL: 2, Dsts: 1, Pkts: 24376, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.127.29.87, DL: 2, Dsts: 1, Pkts: 5607, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.161.151.26, DL: 2, Dsts: 3, Pkts: 16827, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.148.132.12, DL: 2, Dsts: 5, Pkts: 28065, Unique sigs: 5

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.97.85.108, DL: 2, Dsts: 1, Pkts: 24475, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1234-65500 (99 packets)

SRC:  69.19.154.124, DL: 2, Dsts: 19, Pkts: 465420, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084

SRC:  217.24.121.80, DL: 2, Dsts: 24, Pkts: 589236, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.200.142.133, DL: 2, Dsts: 1, Pkts: 24589, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.201.88.209, DL: 2, Dsts: 1, Pkts: 24607, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  172.199.101.195, DL: 2, Dsts: 1, Pkts: 27840, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.147.126.13, DL: 2, Dsts: 3, Pkts: 16851, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.117.237.130, DL: 2, Dsts: 1, Pkts: 5619, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.192.247.163, DL: 2, Dsts: 1, Pkts: 5620, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.98.191.130, DL: 2, Dsts: 24, Pkts: 591607, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  207.142.136.47, DL: 2, Dsts: 24, Pkts: 592990, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  203.187.248.164, DL: 2, Dsts: 1, Pkts: 24733, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.87.160.159, DL: 2, Dsts: 13, Pkts: 321620, Unique sigs: 13

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  84.247.49.96, DL: 2, Dsts: 1, Pkts: 5621, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.231.168.20, DL: 2, Dsts: 1, Pkts: 5622, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.170.34, DL: 2, Dsts: 2, Pkts: 11247, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.42.40.138, DL: 2, Dsts: 1, Pkts: 24749, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.25.254.1, DL: 2, Dsts: 1, Pkts: 3233, Unique sigs: 1

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.27.59.20, DL: 2, Dsts: 1, Pkts: 5625, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.104.2.214, DL: 2, Dsts: 1, Pkts: 5626, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.57.89, DL: 2, Dsts: 1, Pkts: 3234, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.148.1.54, DL: 2, Dsts: 1, Pkts: 5627, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.69.5.227, DL: 2, Dsts: 1, Pkts: 5628, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.43.185.130, DL: 2, Dsts: 1, Pkts: 5629, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.212.142.232, DL: 2, Dsts: 1, Pkts: 5630, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.131.79.17, DL: 2, Dsts: 1, Pkts: 5631, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.35.154.178, DL: 2, Dsts: 1, Pkts: 5632, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.227.230.25, DL: 2, Dsts: 1, Pkts: 5633, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.162.51.121, DL: 2, Dsts: 1, Pkts: 5634, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.158.27.136, DL: 2, Dsts: 1, Pkts: 27987, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.31.191.39, DL: 2, Dsts: 2, Pkts: 11271, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.17.149.198, DL: 2, Dsts: 1, Pkts: 27989, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.56.122, DL: 2, Dsts: 1, Pkts: 3237, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.25.104.37, DL: 2, Dsts: 1, Pkts: 5637, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.139.122.98, DL: 2, Dsts: 1, Pkts: 5638, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.126.26.10, DL: 2, Dsts: 3, Pkts: 16920, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.95.248.10, DL: 2, Dsts: 1, Pkts: 5642, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.8.135.14, DL: 2, Dsts: 24, Pkts: 594772, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  62.93.164.81, DL: 2, Dsts: 1, Pkts: 24810, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  216.12.34.221, DL: 2, Dsts: 1, Pkts: 3238, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.114.154.120, DL: 2, Dsts: 1, Pkts: 3239, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.86, DL: 2, Dsts: 3, Pkts: 16932, Unique sigs: 3

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.134.23.171, DL: 2, Dsts: 1, Pkts: 28051, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.11.2.88, DL: 2, Dsts: 1, Pkts: 24814, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.134.56.4, DL: 2, Dsts: 22, Pkts: 124628, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  218.6.43.156, DL: 2, Dsts: 1, Pkts: 28056, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.52.124.167, DL: 2, Dsts: 1, Pkts: 5684, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.42, DL: 2, Dsts: 3, Pkts: 17058, Unique sigs: 3

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.31.173.138, DL: 2, Dsts: 1, Pkts: 24818, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.122.101.229, DL: 2, Dsts: 1, Pkts: 5688, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.134.49.34, DL: 2, Dsts: 24, Pkts: 138951, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1026, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026-1027 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196

SRC:  211.211.34.91, DL: 2, Dsts: 16, Pkts: 397352, Unique sigs: 16

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  61.168.42.5, DL: 2, Dsts: 24, Pkts: 597066, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  200.63.225.105, DL: 2, Dsts: 1, Pkts: 24907, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.25.72.130, DL: 2, Dsts: 1, Pkts: 24909, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.8.229.210, DL: 2, Dsts: 1, Pkts: 3243, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  24.63.13.3, DL: 2, Dsts: 1, Pkts: 5873, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.3.113.41, DL: 2, Dsts: 1, Pkts: 5874, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.176.211.96, DL: 2, Dsts: 1, Pkts: 3244, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.71.197.172, DL: 2, Dsts: 1, Pkts: 3245, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.80.235.66, DL: 2, Dsts: 1, Pkts: 28156, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.32.224.151, DL: 2, Dsts: 1, Pkts: 5875, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.191.136.202, DL: 2, Dsts: 1, Pkts: 24913, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.150.170.234, DL: 2, Dsts: 20, Pkts: 117978, Unique sigs: 20

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208

SRC:  142.68.101.98, DL: 2, Dsts: 1, Pkts: 5923, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.239.41, DL: 2, Dsts: 1, Pkts: 28163, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.224.56.66, DL: 2, Dsts: 1, Pkts: 24919, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.207.26.62, DL: 2, Dsts: 1, Pkts: 5924, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.230.215, DL: 2, Dsts: 1, Pkts: 5925, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.175.154.152, DL: 2, Dsts: 1, Pkts: 5926, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.84.91.159, DL: 2, Dsts: 1, Pkts: 5927, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.188.202.174, DL: 2, Dsts: 1, Pkts: 5928, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  165.24.69.93, DL: 2, Dsts: 4, Pkts: 12998, Unique sigs: 4

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.224.109.140, DL: 2, Dsts: 8, Pkts: 47460, Unique sigs: 8

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.65.75.125, DL: 2, Dsts: 1, Pkts: 5937, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.26.114.154, DL: 2, Dsts: 2, Pkts: 31427, Unique sigs: 2

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.149.122.2, DL: 2, Dsts: 24, Pkts: 598991, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.29.21.112, DL: 2, Dsts: 1, Pkts: 5938, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.31.122.171, DL: 2, Dsts: 1, Pkts: 24991, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  213.42.58.233, DL: 2, Dsts: 1, Pkts: 3254, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.212.98, DL: 2, Dsts: 24, Pkts: 600775, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  24.7.205.153, DL: 2, Dsts: 1, Pkts: 5939, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.15.183.6, DL: 2, Dsts: 3, Pkts: 75222, Unique sigs: 3

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  24.30.129.48, DL: 2, Dsts: 1, Pkts: 28333, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.102.139.127, DL: 2, Dsts: 2, Pkts: 11881, Unique sigs: 2

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.182.211.137, DL: 2, Dsts: 1, Pkts: 5942, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.40.98.174, DL: 2, Dsts: 1, Pkts: 5943, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.167.196.40, DL: 2, Dsts: 1, Pkts: 25081, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  217.41.26.79, DL: 2, Dsts: 1, Pkts: 5944, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.168.132.246, DL: 2, Dsts: 2, Pkts: 11891, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.41.29.194, DL: 2, Dsts: 4, Pkts: 23794, Unique sigs: 4

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.33.104.153, DL: 2, Dsts: 1, Pkts: 5951, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.164.243.83, DL: 2, Dsts: 1, Pkts: 25084, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.133.109.171, DL: 2, Dsts: 1, Pkts: 25086, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.54.160.198, DL: 2, Dsts: 1, Pkts: 25121, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.76.223.140, DL: 2, Dsts: 1, Pkts: 28380, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.56.233, DL: 2, Dsts: 10, Pkts: 59565, Unique sigs: 10

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  137.65.77.69, DL: 2, Dsts: 1, Pkts: 3257, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.139.140.209, DL: 2, Dsts: 24, Pkts: 603276, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.50.92.219, DL: 2, Dsts: 1, Pkts: 28407, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.146.196.122, DL: 2, Dsts: 5, Pkts: 29820, Unique sigs: 5

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.71.167.171, DL: 2, Dsts: 1, Pkts: 3259, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.67.159.88, DL: 2, Dsts: 1, Pkts: 5967, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.179.10.212, DL: 2, Dsts: 1, Pkts: 28410, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.177.247.76, DL: 2, Dsts: 2, Pkts: 56830, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.126.79.227, DL: 2, Dsts: 1, Pkts: 5968, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  151.200.174.166, DL: 2, Dsts: 1, Pkts: 3263, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.79.198.211, DL: 2, Dsts: 1, Pkts: 25162, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  24.152.192.77, DL: 2, Dsts: 1, Pkts: 28451, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.79.195.73, DL: 2, Dsts: 2, Pkts: 50386, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  4.252.41.192, DL: 2, Dsts: 1, Pkts: 5969, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  167.95.158.61, DL: 2, Dsts: 1, Pkts: 28461, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.141.24.188, DL: 2, Dsts: 1, Pkts: 3266, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.0.121.2, DL: 2, Dsts: 1, Pkts: 5970, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.179.35.3, DL: 2, Dsts: 24, Pkts: 605278, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  204.102.106.103, DL: 2, Dsts: 1, Pkts: 28510, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.58.151.168, DL: 2, Dsts: 1, Pkts: 5971, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.224.72.145, DL: 2, Dsts: 1, Pkts: 28512, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.11.177.4, DL: 2, Dsts: 24, Pkts: 800833, Unique sigs: 47
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.134.47.237, DL: 2, Dsts: 13, Pkts: 78638, Unique sigs: 13

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.164.96.217, DL: 2, Dsts: 1, Pkts: 6059, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196

SRC:  221.127.7.226, DL: 2, Dsts: 6, Pkts: 36375, Unique sigs: 6

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.145.194.32, DL: 2, Dsts: 1, Pkts: 6066, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.99.22.87, DL: 2, Dsts: 1, Pkts: 6067, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.136.83.233, DL: 2, Dsts: 1, Pkts: 25521, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  222.32.36.96, DL: 2, Dsts: 1, Pkts: 3295, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  82.33.195.130, DL: 2, Dsts: 1, Pkts: 6068, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  192.154.62.2, DL: 2, Dsts: 1, Pkts: 3296, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  4.152.81.16, DL: 2, Dsts: 1, Pkts: 6069, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.149.13.6, DL: 2, Dsts: 5, Pkts: 30360, Unique sigs: 5

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.202.226.129, DL: 2, Dsts: 1, Pkts: 28819, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.250.65.35, DL: 2, Dsts: 1, Pkts: 3298, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.16.76.54, DL: 2, Dsts: 6, Pkts: 70910, Unique sigs: 12

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (20 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 2, Sid: 381
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (11 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  12.72.169.216, DL: 2, Dsts: 1, Pkts: 6075, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.219.31.118, DL: 2, Dsts: 1, Pkts: 6076, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.65.143.148, DL: 2, Dsts: 1, Pkts: 6077, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.183.199.110, DL: 2, Dsts: 22, Pkts: 562741, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  24.99.205.48, DL: 2, Dsts: 1, Pkts: 6078, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.41.12.148, DL: 2, Dsts: 1, Pkts: 6079, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.199.239, DL: 2, Dsts: 1, Pkts: 6080, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  140.137.131.78, DL: 2, Dsts: 10, Pkts: 60855, Unique sigs: 10

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.90.177.196, DL: 2, Dsts: 1, Pkts: 3306, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  222.248.84.65, DL: 2, Dsts: 1, Pkts: 25606, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.58.130.41, DL: 2, Dsts: 2, Pkts: 6615, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  206.173.80.118, DL: 2, Dsts: 1, Pkts: 6091, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.17.45.231, DL: 2, Dsts: 22, Pkts: 565216, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-6101 (13 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445-5900 (3 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139-6101 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-6101 (24 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139-445 (5 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-6101 (15 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-6101 (12 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139-6101 (5 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 5900 (1 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-6101 (21 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-6101 (19 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  61.152.160.63, DL: 2, Dsts: 24, Pkts: 148262, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1026, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196

SRC:  152.33.100.159, DL: 2, Dsts: 1, Pkts: 6260, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.225.140, DL: 2, Dsts: 1, Pkts: 3309, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.121.94.193, DL: 2, Dsts: 1, Pkts: 29099, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.66.198.124, DL: 2, Dsts: 1, Pkts: 6261, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.238.132.163, DL: 2, Dsts: 1, Pkts: 6262, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.162.51, DL: 2, Dsts: 1, Pkts: 3311, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.166.81.201, DL: 2, Dsts: 1, Pkts: 6263, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.27.13.47, DL: 2, Dsts: 1, Pkts: 29104, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.244.192.130, DL: 2, Dsts: 1, Pkts: 29108, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.206.150.62, DL: 2, Dsts: 1, Pkts: 25798, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.134.74.55, DL: 2, Dsts: 1, Pkts: 3314, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.252.103.251, DL: 2, Dsts: 1, Pkts: 25801, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  139.68.4.4, DL: 2, Dsts: 1, Pkts: 29117, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  204.10.105.253, DL: 2, Dsts: 6, Pkts: 37599, Unique sigs: 6

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.40.63, DL: 2, Dsts: 1, Pkts: 29121, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.235.38.25, DL: 2, Dsts: 1, Pkts: 6270, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.41.170.97, DL: 2, Dsts: 1, Pkts: 29123, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.173.237.55, DL: 2, Dsts: 1, Pkts: 6271, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.148.230.82, DL: 2, Dsts: 1, Pkts: 6272, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.237.66.208, DL: 2, Dsts: 1, Pkts: 29125, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.11.175.135, DL: 2, Dsts: 2, Pkts: 58262, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.9.170.237, DL: 2, Dsts: 1, Pkts: 25817, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  61.15.52.41, DL: 2, Dsts: 1, Pkts: 3321, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.30.207.155, DL: 2, Dsts: 24, Pkts: 620508, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.128.235.235, DL: 2, Dsts: 1, Pkts: 3322, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.97.80.115, DL: 2, Dsts: 1, Pkts: 6273, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.232.140.34, DL: 2, Dsts: 1, Pkts: 29213, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.42.30.57, DL: 2, Dsts: 1, Pkts: 29215, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.11.172.155, DL: 2, Dsts: 1, Pkts: 29219, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.92.155.10, DL: 2, Dsts: 1, Pkts: 6274, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.64.6.165, DL: 2, Dsts: 1, Pkts: 6275, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.150.186.217, DL: 2, Dsts: 1, Pkts: 3326, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.224.42.69, DL: 2, Dsts: 1, Pkts: 25897, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.1.105.34, DL: 2, Dsts: 1, Pkts: 25898, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  213.75.168.50, DL: 2, Dsts: 1, Pkts: 25901, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.44.3.178, DL: 2, Dsts: 1, Pkts: 6276, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.120.99.78, DL: 2, Dsts: 2, Pkts: 12555, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.47.43.83, DL: 2, Dsts: 1, Pkts: 3327, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.14.194.123, DL: 2, Dsts: 1, Pkts: 6279, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.205.152.35, DL: 2, Dsts: 1, Pkts: 25904, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.17.9.245, DL: 2, Dsts: 1, Pkts: 29233, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.80.105.112, DL: 2, Dsts: 1, Pkts: 29241, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  200.119.109.108, DL: 2, Dsts: 1, Pkts: 6280, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.90.58.230, DL: 2, Dsts: 1, Pkts: 25914, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.66.34.51, DL: 2, Dsts: 24, Pkts: 622836, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  200.150.162.19, DL: 2, Dsts: 3, Pkts: 18846, Unique sigs: 3

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.24.9, DL: 2, Dsts: 1, Pkts: 3331, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.76.192.169, DL: 2, Dsts: 1, Pkts: 29321, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.28.14, DL: 2, Dsts: 1, Pkts: 3333, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.248.229.123, DL: 2, Dsts: 1, Pkts: 25992, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.98.159.11, DL: 2, Dsts: 11, Pkts: 286110, Unique sigs: 11

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.137.149.142, DL: 2, Dsts: 24, Pkts: 625500, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.37.209.169, DL: 2, Dsts: 2, Pkts: 12569, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.95.214.210, DL: 2, Dsts: 1, Pkts: 6286, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.107.119.159, DL: 2, Dsts: 24, Pkts: 627228, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.207.249.194, DL: 2, Dsts: 1, Pkts: 26172, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.235.141.172, DL: 2, Dsts: 1, Pkts: 6287, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.159.30.142, DL: 2, Dsts: 1, Pkts: 6288, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.78.37.134, DL: 2, Dsts: 1, Pkts: 6289, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.186.100.228, DL: 2, Dsts: 2, Pkts: 12581, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.25.141.190, DL: 2, Dsts: 1, Pkts: 29509, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.111.203, DL: 2, Dsts: 1, Pkts: 29513, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  143.101.237.166, DL: 2, Dsts: 1, Pkts: 3336, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  194.230.144.39, DL: 2, Dsts: 1, Pkts: 6292, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.181.207.157, DL: 2, Dsts: 1, Pkts: 3337, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.158.211.74, DL: 2, Dsts: 1, Pkts: 29546, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.238.192.254, DL: 2, Dsts: 2, Pkts: 6680, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  216.170.187.237, DL: 2, Dsts: 1, Pkts: 3343, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  213.94.18.20, DL: 2, Dsts: 1, Pkts: 6293, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.169.91.223, DL: 2, Dsts: 1, Pkts: 6294, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.33.5.117, DL: 2, Dsts: 1, Pkts: 6295, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  158.193.167.125, DL: 2, Dsts: 10, Pkts: 63005, Unique sigs: 10

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.115.72.100, DL: 2, Dsts: 2, Pkts: 12613, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.26.21.88, DL: 2, Dsts: 1, Pkts: 6308, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  159.99.65.2, DL: 2, Dsts: 2, Pkts: 59538, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.190.104.12, DL: 2, Dsts: 1, Pkts: 29774, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.88.105, DL: 2, Dsts: 1, Pkts: 3347, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.163.43.108, DL: 2, Dsts: 2, Pkts: 52864, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.106.169.83, DL: 2, Dsts: 22, Pkts: 582040, Unique sigs: 22
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.110.74.76, DL: 2, Dsts: 1, Pkts: 26480, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.196.114.224, DL: 2, Dsts: 1, Pkts: 6309, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.176.24.17, DL: 2, Dsts: 1, Pkts: 26482, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  61.18.105.72, DL: 2, Dsts: 1, Pkts: 3348, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.89.46.110, DL: 2, Dsts: 1, Pkts: 29834, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.187.29.102, DL: 2, Dsts: 1, Pkts: 3350, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.216.119.125, DL: 2, Dsts: 1, Pkts: 3351, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.126.191.168, DL: 2, Dsts: 2, Pkts: 6705, Unique sigs: 4

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  80.178.16.96, DL: 2, Dsts: 1, Pkts: 6310, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  72.11.210.194, DL: 2, Dsts: 2, Pkts: 12623, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.119.58.28, DL: 2, Dsts: 24, Pkts: 639602, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-6129 (24 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-6129 (9 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-6129 (15 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-445 (15 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-6129 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-6129 (14 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-6129 (15 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-6129 (18 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-6129 (9 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-6129 (24 packets)

SRC:  203.101.48.56, DL: 2, Dsts: 1, Pkts: 6313, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.228.140.87, DL: 2, Dsts: 1, Pkts: 3354, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.108.207.49, DL: 2, Dsts: 1, Pkts: 26807, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.232.1.75, DL: 2, Dsts: 1, Pkts: 3355, Unique sigs: 2

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  4.234.165.90, DL: 2, Dsts: 1, Pkts: 6314, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.63.112.166, DL: 2, Dsts: 1, Pkts: 26810, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.194.141.178, DL: 2, Dsts: 1, Pkts: 6315, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.50.52.91, DL: 2, Dsts: 1, Pkts: 6316, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.64.248, DL: 2, Dsts: 1, Pkts: 3356, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.17.171.33, DL: 2, Dsts: 1, Pkts: 6317, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.80.64.44, DL: 2, Dsts: 1, Pkts: 3357, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.97.174.226, DL: 2, Dsts: 3, Pkts: 18957, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.153.91, DL: 2, Dsts: 1, Pkts: 30171, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.165.173.48, DL: 2, Dsts: 1, Pkts: 6321, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.171.48.148, DL: 2, Dsts: 1, Pkts: 6322, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.90.119.107, DL: 2, Dsts: 1, Pkts: 6323, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.87.17, DL: 2, Dsts: 1, Pkts: 6324, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.64.35, DL: 2, Dsts: 1, Pkts: 3359, Unique sigs: 1

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.23.135.64, DL: 2, Dsts: 1, Pkts: 26816, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  69.42.13.72, DL: 2, Dsts: 1, Pkts: 30177, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.55.0.8, DL: 2, Dsts: 1, Pkts: 6325, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.35.8.116, DL: 2, Dsts: 24, Pkts: 643908, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  84.175.200.234, DL: 2, Dsts: 24, Pkts: 645082, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  219.65.125.181, DL: 2, Dsts: 24, Pkts: 646788, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  203.177.2.117, DL: 2, Dsts: 1, Pkts: 6326, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.129.27.158, DL: 2, Dsts: 1, Pkts: 26987, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.153.68.54, DL: 2, Dsts: 1, Pkts: 3361, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.26.198.118, DL: 2, Dsts: 1, Pkts: 26996, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205

SRC:  222.240.87.92, DL: 2, Dsts: 1, Pkts: 26998, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.93.103.153, DL: 2, Dsts: 1, Pkts: 30363, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.124.223.35, DL: 2, Dsts: 1, Pkts: 6327, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.149.169, DL: 2, Dsts: 1, Pkts: 3363, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.162.9.13, DL: 2, Dsts: 1, Pkts: 6328, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.68.30, DL: 2, Dsts: 2, Pkts: 12659, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.192.41.96, DL: 2, Dsts: 1, Pkts: 6331, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.153.42.250, DL: 2, Dsts: 1, Pkts: 27004, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.210.71.46, DL: 2, Dsts: 1, Pkts: 6332, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  205.162.54.194, DL: 2, Dsts: 1, Pkts: 27007, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  151.38.110.43, DL: 2, Dsts: 1, Pkts: 6333, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.40.72.40, DL: 2, Dsts: 2, Pkts: 12669, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.139.234.101, DL: 2, Dsts: 1, Pkts: 6336, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.232.107.122, DL: 2, Dsts: 1, Pkts: 3364, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.91.147.125, DL: 2, Dsts: 24, Pkts: 648993, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.228.67.169, DL: 2, Dsts: 1, Pkts: 6337, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.191.121.43, DL: 2, Dsts: 1, Pkts: 6338, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.35.11.141, DL: 2, Dsts: 1, Pkts: 6339, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.32.89.134, DL: 2, Dsts: 24, Pkts: 650481, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.239.167.250, DL: 2, Dsts: 2, Pkts: 6731, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.99.21.171, DL: 2, Dsts: 1, Pkts: 6340, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.18.64.65, DL: 2, Dsts: 1, Pkts: 27131, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.133.25.250, DL: 2, Dsts: 1, Pkts: 30499, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.198.119.45, DL: 2, Dsts: 1, Pkts: 6341, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  57.250.225.162, DL: 2, Dsts: 24, Pkts: 705704, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.16, DL: 2, Dsts: 17, Pkts: 107955, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.134.49.59, DL: 2, Dsts: 1, Pkts: 6360, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.212.35.251, DL: 2, Dsts: 24, Pkts: 653188, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.59.62, DL: 2, Dsts: 1, Pkts: 3392, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.71.252.108, DL: 2, Dsts: 1, Pkts: 6361, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.216.104.212, DL: 2, Dsts: 1, Pkts: 6362, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.93.30.15, DL: 2, Dsts: 1, Pkts: 30646, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.109.115.162, DL: 2, Dsts: 1, Pkts: 27257, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  218.219.186.248, DL: 2, Dsts: 1, Pkts: 3394, Unique sigs: 2

    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.89.61.209, DL: 2, Dsts: 1, Pkts: 3395, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.104, DL: 2, Dsts: 1, Pkts: 6363, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.13.32.15, DL: 2, Dsts: 2, Pkts: 30654, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.76.52, DL: 2, Dsts: 1, Pkts: 3397, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  71.4.46.163, DL: 2, Dsts: 1, Pkts: 6364, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  198.59.191.49, DL: 2, Dsts: 1, Pkts: 3398, Unique sigs: 2

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  200.168.129.51, DL: 2, Dsts: 1, Pkts: 27284, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.55.91.146, DL: 2, Dsts: 1, Pkts: 27287, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  24.129.197.225, DL: 2, Dsts: 24, Pkts: 655788, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.172.227.91, DL: 2, Dsts: 1, Pkts: 3399, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.124.226.189, DL: 2, Dsts: 1, Pkts: 6365, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.253.139.87, DL: 2, Dsts: 1, Pkts: 27362, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.131.90.92, DL: 2, Dsts: 1, Pkts: 6366, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.81.114.50, DL: 2, Dsts: 1, Pkts: 3400, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.93.149.227, DL: 2, Dsts: 1, Pkts: 6367, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.38.14.63, DL: 2, Dsts: 1, Pkts: 6368, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.94.114.33, DL: 2, Dsts: 24, Pkts: 657588, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.219.231.184, DL: 2, Dsts: 1, Pkts: 3401, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.64.247, DL: 2, Dsts: 1, Pkts: 3402, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.228.216.112, DL: 2, Dsts: 1, Pkts: 6369, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.107.42.16, DL: 2, Dsts: 1, Pkts: 3403, Unique sigs: 2

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.170.151.237, DL: 2, Dsts: 1, Pkts: 30893, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.99.230.202, DL: 2, Dsts: 1, Pkts: 6370, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.35.221.243, DL: 2, Dsts: 1, Pkts: 30895, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.76.70.117, DL: 2, Dsts: 1, Pkts: 6371, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.144.228.228, DL: 2, Dsts: 1, Pkts: 3406, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.95.177.33, DL: 2, Dsts: 1, Pkts: 3407, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  38.117.22.193, DL: 2, Dsts: 11, Pkts: 70147, Unique sigs: 11

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.83.33.98, DL: 2, Dsts: 3, Pkts: 10235, Unique sigs: 3

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 4, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  192.124.127.228, DL: 2, Dsts: 1, Pkts: 3416, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.167.9.167, DL: 2, Dsts: 1, Pkts: 3417, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.94.239.228, DL: 2, Dsts: 1, Pkts: 3432, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 15, Sid: 384

SRC:  200.203.120.203, DL: 2, Dsts: 24, Pkts: 153535, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  70.80.231.76, DL: 2, Dsts: 24, Pkts: 660924, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.90.66.70, DL: 2, Dsts: 1, Pkts: 6412, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.129.214.172, DL: 2, Dsts: 23, Pkts: 715507, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  208.155.14.68, DL: 2, Dsts: 1, Pkts: 31144, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.79.102.196, DL: 2, Dsts: 1, Pkts: 3480, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.232.144.225, DL: 2, Dsts: 1, Pkts: 6413, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.50.110.221, DL: 2, Dsts: 1, Pkts: 3481, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  10.69.3.39, DL: 2, Dsts: 1, Pkts: 3482, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.191.215.102, DL: 2, Dsts: 1, Pkts: 6414, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.60.19.64, DL: 2, Dsts: 1, Pkts: 3483, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.147.167.219, DL: 2, Dsts: 1, Pkts: 6415, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.18.30.128, DL: 2, Dsts: 1, Pkts: 31152, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.27.100.203, DL: 2, Dsts: 1, Pkts: 6416, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.212.231.103, DL: 2, Dsts: 1, Pkts: 6417, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.109.122.25, DL: 2, Dsts: 1, Pkts: 27669, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084

SRC:  84.247.51.202, DL: 2, Dsts: 1, Pkts: 6418, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  35.11.172.158, DL: 2, Dsts: 1, Pkts: 3485, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.185.97.89, DL: 2, Dsts: 1, Pkts: 31158, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.212.3.229, DL: 2, Dsts: 2, Pkts: 55351, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.185.32.146, DL: 2, Dsts: 1, Pkts: 3487, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.150.5.99, DL: 2, Dsts: 1, Pkts: 6419, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.0.196.132, DL: 2, Dsts: 1, Pkts: 27679, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  59.83.177.4, DL: 2, Dsts: 1, Pkts: 6420, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.28.85.131, DL: 2, Dsts: 23, Pkts: 636893, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  61.152.108.4, DL: 2, Dsts: 23, Pkts: 148083, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196

SRC:  202.9.178.33, DL: 2, Dsts: 24, Pkts: 155499, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  217.233.240.127, DL: 2, Dsts: 1, Pkts: 27709, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  195.175.83.116, DL: 2, Dsts: 1, Pkts: 6503, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.76.53.10, DL: 2, Dsts: 2, Pkts: 62398, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.174.68.146, DL: 2, Dsts: 1, Pkts: 27714, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.14.229.145, DL: 2, Dsts: 1, Pkts: 6504, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.155.226.151, DL: 2, Dsts: 1, Pkts: 27715, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3127, SYN, Sid: 2375

SRC:  212.30.77.197, DL: 2, Dsts: 2, Pkts: 62423, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.83.24.184, DL: 2, Dsts: 2, Pkts: 62432, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.226.148.16, DL: 2, Dsts: 1, Pkts: 6505, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.10.67.186, DL: 2, Dsts: 1, Pkts: 6506, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.24.54.48, DL: 2, Dsts: 1, Pkts: 3495, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.169.203.104, DL: 2, Dsts: 1, Pkts: 6507, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.163.233.195, DL: 2, Dsts: 1, Pkts: 6508, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.72.40.67, DL: 2, Dsts: 1, Pkts: 3496, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.6.92.255, DL: 2, Dsts: 1, Pkts: 31221, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.75.170.230, DL: 2, Dsts: 1, Pkts: 31223, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.22.151.222, DL: 2, Dsts: 17, Pkts: 471478, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  220.107.111.248, DL: 2, Dsts: 1, Pkts: 6521, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.0.57.127, DL: 2, Dsts: 1, Pkts: 27794, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.175.119.2, DL: 2, Dsts: 1, Pkts: 31296, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.101.250.181, DL: 2, Dsts: 1, Pkts: 27800, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.130.39.132, DL: 2, Dsts: 1, Pkts: 6522, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.183.78.142, DL: 2, Dsts: 1, Pkts: 3500, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.176.36.61, DL: 2, Dsts: 1, Pkts: 31302, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.126.79.82, DL: 2, Dsts: 1, Pkts: 6524, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  61.185.75.8, DL: 2, Dsts: 8, Pkts: 52228, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  140.115.234.92, DL: 2, Dsts: 1, Pkts: 3502, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  202.226.228.178, DL: 2, Dsts: 1, Pkts: 31305, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.191.133.104, DL: 2, Dsts: 9, Pkts: 58833, Unique sigs: 9

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.116.76.53, DL: 2, Dsts: 1, Pkts: 31307, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.201.34.110, DL: 2, Dsts: 1, Pkts: 27806, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.184.159.161, DL: 2, Dsts: 1, Pkts: 6542, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.165.187.15, DL: 2, Dsts: 1, Pkts: 3505, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.245.194.32, DL: 2, Dsts: 1, Pkts: 3506, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  172.198.177.179, DL: 2, Dsts: 1, Pkts: 6543, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.91.240.92, DL: 2, Dsts: 3, Pkts: 19635, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.8.79, DL: 2, Dsts: 1, Pkts: 6547, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.130.32.90, DL: 2, Dsts: 1, Pkts: 6548, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.142.141.43, DL: 2, Dsts: 1, Pkts: 31316, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.115.162.140, DL: 2, Dsts: 1, Pkts: 6549, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.235.52.188, DL: 2, Dsts: 1, Pkts: 3508, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.231.54.178, DL: 2, Dsts: 1, Pkts: 6550, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.10.0.244, DL: 2, Dsts: 1, Pkts: 3509, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  206.53.51.12, DL: 2, Dsts: 14, Pkts: 91818, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.62.128, DL: 2, Dsts: 1, Pkts: 3510, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.191.75.148, DL: 2, Dsts: 1, Pkts: 6567, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.22.149.203, DL: 2, Dsts: 1, Pkts: 27898, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  169.152.251.99, DL: 2, Dsts: 1, Pkts: 31411, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  82.229.189.208, DL: 2, Dsts: 1, Pkts: 6568, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.8.130.201, DL: 2, Dsts: 2, Pkts: 55807, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.243.10.250, DL: 2, Dsts: 1, Pkts: 6569, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  128.237.241.5, DL: 2, Dsts: 1, Pkts: 6570, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.48.211, DL: 2, Dsts: 1, Pkts: 3513, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.133.49.250, DL: 2, Dsts: 2, Pkts: 55831, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.27.145.253, DL: 2, Dsts: 1, Pkts: 27919, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  81.214.64.4, DL: 2, Dsts: 1, Pkts: 6571, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.236.102.118, DL: 2, Dsts: 1, Pkts: 27922, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.76.65, DL: 2, Dsts: 1, Pkts: 6572, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.98.193.130, DL: 2, Dsts: 2, Pkts: 13147, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.135.44.17, DL: 2, Dsts: 1, Pkts: 27937, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.243.234.155, DL: 2, Dsts: 21, Pkts: 588309, Unique sigs: 28

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-6101 (12 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-139 (2 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 6101 (1 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-6101 (9 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 5900 (1 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 5900 (1 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42 (1 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.129.32.103, DL: 2, Dsts: 1, Pkts: 6575, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.46.177.140, DL: 2, Dsts: 1, Pkts: 28114, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  203.221.10.91, DL: 2, Dsts: 1, Pkts: 6576, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.24.5.203, DL: 2, Dsts: 1, Pkts: 3514, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.25.213.205, DL: 2, Dsts: 1, Pkts: 28173, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.110.45.6, DL: 2, Dsts: 1, Pkts: 6577, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.35.87.237, DL: 2, Dsts: 1, Pkts: 28176, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.155.196.9, DL: 2, Dsts: 1, Pkts: 31694, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.144.88.106, DL: 2, Dsts: 1, Pkts: 28182, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.21.101.7, DL: 2, Dsts: 1, Pkts: 3516, Unique sigs: 1

    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.58.214.36, DL: 2, Dsts: 1, Pkts: 28188, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  83.41.127.149, DL: 2, Dsts: 1, Pkts: 28191, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.133.116.20, DL: 2, Dsts: 1, Pkts: 31711, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.189.71.160, DL: 2, Dsts: 1, Pkts: 28198, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  218.64.194.139, DL: 2, Dsts: 19, Pkts: 535952, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.84.252.73, DL: 2, Dsts: 1, Pkts: 28220, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.171.226.167, DL: 2, Dsts: 2, Pkts: 56449, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.141.90.15, DL: 2, Dsts: 24, Pkts: 678324, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  68.94.125.162, DL: 2, Dsts: 1, Pkts: 31817, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.146.23.101, DL: 2, Dsts: 1, Pkts: 6578, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.134.61.209, DL: 2, Dsts: 8, Pkts: 52660, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.146.41.126, DL: 2, Dsts: 1, Pkts: 31819, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.221.134.45, DL: 2, Dsts: 1, Pkts: 31821, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.54.132, DL: 2, Dsts: 1, Pkts: 6587, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.19.101.240, DL: 2, Dsts: 1, Pkts: 28304, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.55.62.140, DL: 2, Dsts: 1, Pkts: 6588, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.182.37.92, DL: 2, Dsts: 1, Pkts: 28306, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.245.45.76, DL: 2, Dsts: 1, Pkts: 3521, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.72.15.222, DL: 2, Dsts: 14, Pkts: 396464, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  207.42.188.102, DL: 2, Dsts: 1, Pkts: 6589, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.216.118.49, DL: 2, Dsts: 1, Pkts: 3522, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.196.254.170, DL: 2, Dsts: 1, Pkts: 31855, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.155.220.121, DL: 2, Dsts: 1, Pkts: 31859, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.224.64.192, DL: 2, Dsts: 1, Pkts: 6590, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.190.13.22, DL: 2, Dsts: 3, Pkts: 19776, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.171.21.97, DL: 2, Dsts: 24, Pkts: 680940, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.201.249.192, DL: 2, Dsts: 1, Pkts: 3525, Unique sigs: 2

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  213.100.56.48, DL: 2, Dsts: 2, Pkts: 13189, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.172.189.99, DL: 2, Dsts: 1, Pkts: 31934, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.64.111.9, DL: 2, Dsts: 1, Pkts: 6596, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  130.117.152.16, DL: 2, Dsts: 1, Pkts: 6597, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.217.20.134, DL: 2, Dsts: 1, Pkts: 28411, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  194.106.52.76, DL: 2, Dsts: 1, Pkts: 6598, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.47.151.131, DL: 2, Dsts: 1, Pkts: 3527, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.146.49.210, DL: 2, Dsts: 19, Pkts: 540191, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.16.184.170, DL: 2, Dsts: 1, Pkts: 31982, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.229.10.156, DL: 2, Dsts: 1, Pkts: 3529, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.147.180.122, DL: 2, Dsts: 8, Pkts: 227738, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  61.150.77.243, DL: 2, Dsts: 1, Pkts: 6599, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  61.159.15.2, DL: 2, Dsts: 24, Pkts: 159465, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  219.149.124.236, DL: 2, Dsts: 5, Pkts: 33420, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.116.59.164, DL: 2, Dsts: 24, Pkts: 755055, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-445 (48 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-445 (45 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-445 (45 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-445 (48 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-445 (45 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-445 (45 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-445 (44 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-445 (47 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-445 (46 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 8, Sid: 381
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-445 (53 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 9, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 9, Sid: 381

SRC:  61.91.110.190, DL: 2, Dsts: 1, Pkts: 6687, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.139.165.60, DL: 2, Dsts: 1, Pkts: 6688, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.204.104.150, DL: 2, Dsts: 1, Pkts: 29646, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-6129 (16 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  221.209.91.81, DL: 2, Dsts: 1, Pkts: 3723, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.142.147, DL: 2, Dsts: 1, Pkts: 3724, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.133.54.180, DL: 2, Dsts: 1, Pkts: 6689, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.153.237.98, DL: 2, Dsts: 1, Pkts: 3725, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.9.227, DL: 2, Dsts: 3, Pkts: 20073, Unique sigs: 3

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.130.217.132, DL: 2, Dsts: 12, Pkts: 371142, Unique sigs: 24

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-80 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-80 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.185.75.150, DL: 2, Dsts: 12, Pkts: 80382, Unique sigs: 12

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.152.249, DL: 2, Dsts: 1, Pkts: 29690, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  172.149.92.169, DL: 2, Dsts: 1, Pkts: 6705, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.75.45, DL: 2, Dsts: 6, Pkts: 40257, Unique sigs: 6

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.131.58.241, DL: 2, Dsts: 1, Pkts: 29695, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  211.216.138.172, DL: 2, Dsts: 18, Pkts: 536069, Unique sigs: 35

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-6101 (5 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-6101 (9 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 42-6101 (8 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 42-6101 (9 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 42-6101 (12 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 42-6101 (9 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-6101 (9 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  65.166.10.228, DL: 2, Dsts: 1, Pkts: 3738, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.75.15.134, DL: 2, Dsts: 1, Pkts: 3739, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.232.133.100, DL: 2, Dsts: 24, Pkts: 717261, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  69.70.211.104, DL: 2, Dsts: 1, Pkts: 6713, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.76.128, DL: 2, Dsts: 2, Pkts: 13429, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  35.11.37.228, DL: 2, Dsts: 1, Pkts: 33651, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.242.161.6, DL: 2, Dsts: 1, Pkts: 3741, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.226.28.251, DL: 2, Dsts: 1, Pkts: 29913, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.85.9.143, DL: 2, Dsts: 23, Pkts: 747150, Unique sigs: 48

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 81-10080 (7 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80-10080 (18 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 81-8888 (12 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 81-10080 (15 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 444-8888 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80-8888 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 81-10080 (15 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1080-10080 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80-10080 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 81-10080 (11 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-10080 (10 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 81-1080 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80-10080 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 81-10080 (13 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1080-8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 81-10080 (10 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-10080 (13 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-10080 (11 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 444-10080 (15 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80-10080 (9 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-10080 (25 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1080 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  82.178.84.204, DL: 2, Dsts: 1, Pkts: 6716, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.128.171.45, DL: 2, Dsts: 1, Pkts: 30143, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.235.70.188, DL: 2, Dsts: 1, Pkts: 3778, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.210.39.93, DL: 2, Dsts: 1, Pkts: 6717, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.8.6.223, DL: 2, Dsts: 1, Pkts: 6718, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.103.213.94, DL: 2, Dsts: 23, Pkts: 693705, Unique sigs: 23
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  64.158.58.51, DL: 2, Dsts: 1, Pkts: 3779, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.182.88.106, DL: 2, Dsts: 1, Pkts: 6719, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.11.172.222, DL: 2, Dsts: 1, Pkts: 6720, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.1.238.148, DL: 2, Dsts: 1, Pkts: 30178, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  83.36.146.241, DL: 2, Dsts: 1, Pkts: 6721, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.63.163.203, DL: 2, Dsts: 18, Pkts: 543375, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  65.137.70.173, DL: 2, Dsts: 1, Pkts: 6722, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.94.34.130, DL: 2, Dsts: 1, Pkts: 6723, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.144.59.23, DL: 2, Dsts: 1, Pkts: 3780, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.150.244.58, DL: 2, Dsts: 1, Pkts: 33982, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  60.36.3.208, DL: 2, Dsts: 2, Pkts: 13449, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.175.187, DL: 2, Dsts: 1, Pkts: 3784, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.130.98.77, DL: 2, Dsts: 1, Pkts: 3785, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.244.201.163, DL: 2, Dsts: 1, Pkts: 6726, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.159.89.73, DL: 2, Dsts: 1, Pkts: 6727, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.110.14.184, DL: 2, Dsts: 1, Pkts: 6728, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.215.164.181, DL: 2, Dsts: 2, Pkts: 13459, Unique sigs: 2

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.221.142.229, DL: 2, Dsts: 1, Pkts: 3786, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.222.244.160, DL: 2, Dsts: 24, Pkts: 725804, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.155.188.103, DL: 2, Dsts: 1, Pkts: 34065, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.20.66.165, DL: 2, Dsts: 1, Pkts: 30293, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.134.46.4, DL: 2, Dsts: 1, Pkts: 6731, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.72.92.17, DL: 2, Dsts: 1, Pkts: 6732, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.148.228.122, DL: 2, Dsts: 1, Pkts: 6733, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.97.9.145, DL: 2, Dsts: 1, Pkts: 3788, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.99.5.63, DL: 2, Dsts: 1, Pkts: 3789, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  217.96.203.118, DL: 2, Dsts: 1, Pkts: 6734, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.104.133.214, DL: 2, Dsts: 1, Pkts: 34084, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.198.110.73, DL: 2, Dsts: 1, Pkts: 30297, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.173.154.14, DL: 2, Dsts: 1, Pkts: 30298, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.22.136.24, DL: 2, Dsts: 1, Pkts: 6735, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.237.134.238, DL: 2, Dsts: 1, Pkts: 30316, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.131.72.60, DL: 2, Dsts: 1, Pkts: 6736, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.64.152.113, DL: 2, Dsts: 1, Pkts: 30319, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.71.61.70, DL: 2, Dsts: 1, Pkts: 6737, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.11.108.235, DL: 2, Dsts: 1, Pkts: 6738, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.169.106.132, DL: 2, Dsts: 1, Pkts: 30321, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.18.82.162, DL: 2, Dsts: 1, Pkts: 3791, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.137.196.172, DL: 2, Dsts: 1, Pkts: 6739, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.235.81.237, DL: 2, Dsts: 1, Pkts: 34116, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.89.103.30, DL: 2, Dsts: 1, Pkts: 3793, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.28.254.74, DL: 2, Dsts: 17, Pkts: 515942, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  81.170.163.200, DL: 2, Dsts: 1, Pkts: 6740, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.11.207.230, DL: 2, Dsts: 1, Pkts: 30374, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  67.176.77.187, DL: 2, Dsts: 2, Pkts: 68340, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.40.136.19, DL: 2, Dsts: 1, Pkts: 6741, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.11.238.86, DL: 2, Dsts: 1, Pkts: 6742, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.240.84.179, DL: 2, Dsts: 1, Pkts: 34173, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.19.85.122, DL: 2, Dsts: 1, Pkts: 30380, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  201.17.154.9, DL: 2, Dsts: 2, Pkts: 60769, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.106.205.254, DL: 2, Dsts: 1, Pkts: 34186, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.15.35.35, DL: 2, Dsts: 7, Pkts: 26757, Unique sigs: 14

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 8, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 6, Sid: 384
        Signature match: "ICMP traceroute" (icmp), Chain: FORWARD, Count: 3, Sid: 385

SRC:  81.136.207.4, DL: 2, Dsts: 1, Pkts: 6743, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.133.184, DL: 2, Dsts: 1, Pkts: 34236, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.9.146.6, DL: 2, Dsts: 1, Pkts: 34238, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.16.198.102, DL: 2, Dsts: 1, Pkts: 34242, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.94.192.25, DL: 2, Dsts: 1, Pkts: 6744, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.151.235.135, DL: 2, Dsts: 1, Pkts: 6745, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.77.133.240, DL: 2, Dsts: 1, Pkts: 6746, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.234.60.180, DL: 2, Dsts: 1, Pkts: 3847, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.57.145.2, DL: 2, Dsts: 1, Pkts: 30402, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205

SRC:  211.98.12.30, DL: 2, Dsts: 1, Pkts: 30418, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-6129 (16 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.189.26.162, DL: 2, Dsts: 24, Pkts: 730561, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  4.18.52.226, DL: 2, Dsts: 2, Pkts: 7697, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.178.218.230, DL: 2, Dsts: 4, Pkts: 26994, Unique sigs: 4

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.50.92.50, DL: 2, Dsts: 22, Pkts: 725027, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 21 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.218.139.49, DL: 2, Dsts: 1, Pkts: 6751, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.138.31.209, DL: 2, Dsts: 1, Pkts: 34375, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.28.51.32, DL: 2, Dsts: 1, Pkts: 6752, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.195.24.237, DL: 2, Dsts: 1, Pkts: 6753, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.215.27.92, DL: 2, Dsts: 1, Pkts: 6754, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.156.152.105, DL: 2, Dsts: 24, Pkts: 732972, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.70.58.153, DL: 2, Dsts: 1, Pkts: 34449, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  204.102.106.121, DL: 2, Dsts: 1, Pkts: 34451, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.73.56.43, DL: 2, Dsts: 1, Pkts: 6755, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.16.218.72, DL: 2, Dsts: 1, Pkts: 34455, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.88.169.126, DL: 2, Dsts: 1, Pkts: 6756, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.66.19.242, DL: 2, Dsts: 2, Pkts: 7753, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.246.66.134, DL: 2, Dsts: 1, Pkts: 3878, Unique sigs: 1

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.10.84.238, DL: 2, Dsts: 1, Pkts: 6757, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.78.42.140, DL: 2, Dsts: 1, Pkts: 3879, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.12.127.242, DL: 2, Dsts: 1, Pkts: 6758, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.21.127.198, DL: 2, Dsts: 3, Pkts: 42226, Unique sigs: 3

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  218.80.20.135, DL: 2, Dsts: 24, Pkts: 734608, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  220.102.139.179, DL: 2, Dsts: 2, Pkts: 13519, Unique sigs: 2

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.152.118.155, DL: 2, Dsts: 19, Pkts: 582692, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.164.141.107, DL: 2, Dsts: 1, Pkts: 6761, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.48.76.250, DL: 2, Dsts: 1, Pkts: 6762, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.103.148, DL: 2, Dsts: 2, Pkts: 13527, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.153.129.113, DL: 2, Dsts: 1, Pkts: 3885, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.106.172.142, DL: 2, Dsts: 1, Pkts: 34608, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.158.32.218, DL: 2, Dsts: 1, Pkts: 3887, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.113.187.53, DL: 2, Dsts: 2, Pkts: 69240, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.138.34.88, DL: 2, Dsts: 24, Pkts: 740855, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (10 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 10, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (12 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 12, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (12 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 12, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (12 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 12, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (7 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (12 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 12, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (10 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 10, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (11 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 11, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (12 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 12, DP: 3389, SYN, Sid: 100077

SRC:  83.237.23.52, DL: 2, Dsts: 1, Pkts: 30998, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.24.95.113, DL: 2, Dsts: 1, Pkts: 34889, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.18.21.64, DL: 2, Dsts: 1, Pkts: 31001, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.159.62.142, DL: 2, Dsts: 24, Pkts: 163295, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208

SRC:  24.151.245.10, DL: 2, Dsts: 1, Pkts: 34893, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.22.140.50, DL: 2, Dsts: 2, Pkts: 62013, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.19.99.200, DL: 2, Dsts: 1, Pkts: 34901, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.22.146.234, DL: 2, Dsts: 1, Pkts: 3893, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.134.56.124, DL: 2, Dsts: 1, Pkts: 6844, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.193.77.10, DL: 2, Dsts: 13, Pkts: 89146, Unique sigs: 13

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.39.229.191, DL: 2, Dsts: 1, Pkts: 6868, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.16.183.22, DL: 2, Dsts: 1, Pkts: 6869, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.6.123.51, DL: 2, Dsts: 1, Pkts: 6870, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.232.144.220, DL: 2, Dsts: 1, Pkts: 3894, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.40.125.94, DL: 2, Dsts: 1, Pkts: 31058, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.244.240.86, DL: 2, Dsts: 1, Pkts: 6871, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.195.207.14, DL: 2, Dsts: 1, Pkts: 3895, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.2.7.123, DL: 2, Dsts: 1, Pkts: 6872, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.16.231.239, DL: 2, Dsts: 1, Pkts: 31061, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  158.222.3.7, DL: 2, Dsts: 24, Pkts: 745764, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077

SRC:  220.217.131.178, DL: 2, Dsts: 1, Pkts: 6873, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.100.93.135, DL: 2, Dsts: 5, Pkts: 34380, Unique sigs: 5

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.110.21.180, DL: 2, Dsts: 1, Pkts: 31088, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  210.64.7.216, DL: 2, Dsts: 1, Pkts: 34999, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.141.223.82, DL: 2, Dsts: 1, Pkts: 6879, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.74.149.197, DL: 2, Dsts: 1, Pkts: 6880, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.102.169.54, DL: 2, Dsts: 1, Pkts: 3897, Unique sigs: 1

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.94.203.115, DL: 2, Dsts: 2, Pkts: 70012, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.229.171.81, DL: 2, Dsts: 1, Pkts: 3900, Unique sigs: 2

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  219.145.177.213, DL: 2, Dsts: 1, Pkts: 6881, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.241.200.234, DL: 2, Dsts: 3, Pkts: 20649, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.166.35.226, DL: 2, Dsts: 1, Pkts: 35023, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.206.255.31, DL: 2, Dsts: 1, Pkts: 6885, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.64, DL: 2, Dsts: 1, Pkts: 6887, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  200.110.9.94, DL: 2, Dsts: 1, Pkts: 3902, Unique sigs: 2

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.187.208.147, DL: 2, Dsts: 1, Pkts: 3903, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.75.65.15, DL: 2, Dsts: 1, Pkts: 3904, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.25.146.170, DL: 2, Dsts: 1, Pkts: 3905, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.99.49.193, DL: 2, Dsts: 1, Pkts: 6888, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.22.56.201, DL: 2, Dsts: 24, Pkts: 748705, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 5, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 6, DP: 3127, SYN, Sid: 2375

SRC:  24.170.103.208, DL: 2, Dsts: 1, Pkts: 6889, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.63.85.176, DL: 2, Dsts: 3, Pkts: 20673, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.241.29.159, DL: 2, Dsts: 1, Pkts: 31286, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.196.56.99, DL: 2, Dsts: 24, Pkts: 751744, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.155.216.4, DL: 2, Dsts: 1, Pkts: 35266, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.1.253.191, DL: 2, Dsts: 1, Pkts: 6893, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.149.47.67, DL: 2, Dsts: 1, Pkts: 6894, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.63.92, DL: 2, Dsts: 1, Pkts: 3908, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  210.116.106.72, DL: 2, Dsts: 8, Pkts: 250916, Unique sigs: 8

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077

SRC:  63.210.112.100, DL: 2, Dsts: 22, Pkts: 151921, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.204.25.216, DL: 2, Dsts: 1, Pkts: 31371, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.185.76.88, DL: 2, Dsts: 2, Pkts: 13835, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  148.243.59.96, DL: 2, Dsts: 1, Pkts: 6919, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.185.36.196, DL: 2, Dsts: 1, Pkts: 6920, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.40.158.242, DL: 2, Dsts: 1, Pkts: 6921, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.98.200.207, DL: 2, Dsts: 24, Pkts: 815901, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 25 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  196.205.38.200, DL: 2, Dsts: 1, Pkts: 6922, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.75, DL: 2, Dsts: 1, Pkts: 6924, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  218.1.74.231, DL: 2, Dsts: 22, Pkts: 690992, Unique sigs: 22

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  157.95.211.50, DL: 2, Dsts: 1, Pkts: 3933, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.75.4.128, DL: 2, Dsts: 24, Pkts: 720236, Unique sigs: 42

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1080-8080 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1080-8000 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1080-8080 (10 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 6588-8080 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 8080 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 6588-8080 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 8000-8080 (2 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1080-8000 (5 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 6588-8080 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1080-8080 (5 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1080-8080 (8 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1080-8000 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1080-6588 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1080 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 8000 (1 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1080-8000 (4 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1080-8080 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1080-8080 (4 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  63.17.201.92, DL: 2, Dsts: 1, Pkts: 3980, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.127.4.167, DL: 2, Dsts: 3, Pkts: 20778, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  143.248.151.182, DL: 2, Dsts: 24, Pkts: 756108, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  12.32.56.253, DL: 2, Dsts: 2, Pkts: 71000, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.178.7.92, DL: 2, Dsts: 1, Pkts: 6928, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.215.8.158, DL: 2, Dsts: 1, Pkts: 3983, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.137.51.76, DL: 2, Dsts: 1, Pkts: 6929, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.224.60, DL: 2, Dsts: 1, Pkts: 3984, Unique sigs: 1

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.234.212.37, DL: 2, Dsts: 1, Pkts: 3985, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.139.177.149, DL: 2, Dsts: 2, Pkts: 13861, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.159.6, DL: 2, Dsts: 24, Pkts: 167282, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208

SRC:  216.242.199.100, DL: 2, Dsts: 1, Pkts: 35507, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.11.200.70, DL: 2, Dsts: 1, Pkts: 7007, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.168.84.104, DL: 2, Dsts: 1, Pkts: 31524, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.178.167.1, DL: 2, Dsts: 1, Pkts: 31526, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.232.118.50, DL: 2, Dsts: 1, Pkts: 31529, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.31.242.99, DL: 2, Dsts: 1, Pkts: 31589, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  195.131.107.4, DL: 2, Dsts: 1, Pkts: 7008, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.198.23.22, DL: 2, Dsts: 1, Pkts: 7009, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.149.240, DL: 2, Dsts: 1, Pkts: 7010, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.81.197.136, DL: 2, Dsts: 1, Pkts: 31592, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.179.112.54, DL: 2, Dsts: 1, Pkts: 7011, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.66.157.244, DL: 2, Dsts: 2, Pkts: 63191, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  85.70.114.231, DL: 2, Dsts: 1, Pkts: 7012, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.161.238.147, DL: 2, Dsts: 1, Pkts: 31598, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  62.62.176.2, DL: 2, Dsts: 1, Pkts: 7013, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.23.90.253, DL: 2, Dsts: 1, Pkts: 35588, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.22.79.162, DL: 2, Dsts: 1, Pkts: 7014, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.68.52.42, DL: 2, Dsts: 1, Pkts: 35613, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.223.193.56, DL: 2, Dsts: 1, Pkts: 7015, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  128.206.234.244, DL: 2, Dsts: 1, Pkts: 3989, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  213.17.204.10, DL: 2, Dsts: 2, Pkts: 14033, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.93.242.239, DL: 2, Dsts: 1, Pkts: 3990, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.60.157.20, DL: 2, Dsts: 1, Pkts: 3991, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.134.1.92, DL: 2, Dsts: 1, Pkts: 7018, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.159.36, DL: 2, Dsts: 1, Pkts: 7019, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.13.164.97, DL: 2, Dsts: 1, Pkts: 3992, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.167.201.65, DL: 2, Dsts: 2, Pkts: 14041, Unique sigs: 2

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.48.208.38, DL: 2, Dsts: 1, Pkts: 7022, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.90.173.126, DL: 2, Dsts: 1, Pkts: 7023, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.158.156.137, DL: 2, Dsts: 22, Pkts: 785323, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  63.19.72.253, DL: 2, Dsts: 1, Pkts: 35732, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.183.4.252, DL: 2, Dsts: 1, Pkts: 7024, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.108.117.84, DL: 2, Dsts: 1, Pkts: 4038, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.178.218.208, DL: 2, Dsts: 1, Pkts: 35735, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.134.152.88, DL: 2, Dsts: 2, Pkts: 14051, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  154.20.173.176, DL: 2, Dsts: 1, Pkts: 31697, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  61.170.132.69, DL: 2, Dsts: 23, Pkts: 729568, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  203.170.74.180, DL: 2, Dsts: 1, Pkts: 7027, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.109.122.36, DL: 2, Dsts: 1, Pkts: 31750, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3128-6588 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  63.224.135.138, DL: 2, Dsts: 1, Pkts: 35793, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.13.240.9, DL: 2, Dsts: 2, Pkts: 14057, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.35.30.37, DL: 2, Dsts: 7, Pkts: 222313, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  67.133.116.245, DL: 2, Dsts: 2, Pkts: 71615, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  63.188.49.222, DL: 2, Dsts: 1, Pkts: 35813, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.133.155.49, DL: 2, Dsts: 1, Pkts: 35817, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  199.203.141.11, DL: 2, Dsts: 1, Pkts: 35821, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.196.211.66, DL: 2, Dsts: 1, Pkts: 7030, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.157.32.16, DL: 2, Dsts: 1, Pkts: 4048, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.213.42.158, DL: 2, Dsts: 2, Pkts: 14063, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.16.21, DL: 2, Dsts: 1, Pkts: 7033, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.232.92.235, DL: 2, Dsts: 2, Pkts: 39882, Unique sigs: 2

    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  206.32.94.120, DL: 2, Dsts: 1, Pkts: 7034, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.224.110.37, DL: 2, Dsts: 1, Pkts: 7035, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.89.150.40, DL: 2, Dsts: 1, Pkts: 4051, Unique sigs: 1

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.196.60, DL: 2, Dsts: 1, Pkts: 4052, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.8.51.2, DL: 2, Dsts: 2, Pkts: 14073, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.113.137.249, DL: 2, Dsts: 1, Pkts: 7038, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.2.187, DL: 2, Dsts: 1, Pkts: 35839, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.19.84.250, DL: 2, Dsts: 1, Pkts: 31796, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.20.172.74, DL: 2, Dsts: 1, Pkts: 31799, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.30.202.97, DL: 2, Dsts: 24, Pkts: 764076, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  149.225.16.188, DL: 2, Dsts: 1, Pkts: 7039, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.30.135.51, DL: 2, Dsts: 24, Pkts: 766080, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  217.43.41.240, DL: 2, Dsts: 1, Pkts: 7040, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.93.85.40, DL: 2, Dsts: 2, Pkts: 63937, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.156.124.172, DL: 2, Dsts: 1, Pkts: 36027, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.84.83.239, DL: 2, Dsts: 1, Pkts: 7041, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.72.33.65, DL: 2, Dsts: 1, Pkts: 4055, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  222.149.21.73, DL: 2, Dsts: 1, Pkts: 31976, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  216.12.11.245, DL: 2, Dsts: 1, Pkts: 36033, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.197.213.246, DL: 2, Dsts: 1, Pkts: 7042, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.155.142.158, DL: 2, Dsts: 1, Pkts: 7043, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.90.219.138, DL: 2, Dsts: 1, Pkts: 4057, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  85.136.75.173, DL: 2, Dsts: 2, Pkts: 63961, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.127.5.254, DL: 2, Dsts: 2, Pkts: 14089, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.35.129.57, DL: 2, Dsts: 1, Pkts: 7046, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.90.72.82, DL: 2, Dsts: 1, Pkts: 36041, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.118.81.104, DL: 2, Dsts: 1, Pkts: 7047, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.169.201.105, DL: 2, Dsts: 1, Pkts: 36043, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.202.239.229, DL: 2, Dsts: 1, Pkts: 36045, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  10.74.12.20, DL: 2, Dsts: 1, Pkts: 7048, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.19.69.75, DL: 2, Dsts: 1, Pkts: 7049, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.11.94.120, DL: 2, Dsts: 1, Pkts: 4061, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.158.185.82, DL: 2, Dsts: 13, Pkts: 91728, Unique sigs: 13

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.117.6, DL: 2, Dsts: 1, Pkts: 4062, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.245.156.12, DL: 2, Dsts: 24, Pkts: 771341, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80-8080 (7 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80-8080 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80-8080 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80-8080 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80-8080 (7 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80-8080 (6 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 80-8080 (7 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80-8080 (7 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 80-8080 (12 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 4, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80-8080 (5 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 80-8080 (7 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375

SRC:  200.171.224.246, DL: 2, Dsts: 1, Pkts: 32232, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.185.75.169, DL: 2, Dsts: 8, Pkts: 56532, Unique sigs: 8

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  139.133.158.177, DL: 2, Dsts: 1, Pkts: 7071, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.57.225.22, DL: 2, Dsts: 1, Pkts: 7072, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.83.164.18, DL: 2, Dsts: 1, Pkts: 4063, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.236.228.165, DL: 2, Dsts: 24, Pkts: 773868, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.219.189.128, DL: 2, Dsts: 1, Pkts: 7073, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.129.203.6, DL: 2, Dsts: 1, Pkts: 32268, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  24.234.222.170, DL: 2, Dsts: 1, Pkts: 36333, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.215.165.46, DL: 2, Dsts: 3, Pkts: 21225, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.119.109.231, DL: 2, Dsts: 1, Pkts: 7077, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.151.165.49, DL: 2, Dsts: 1, Pkts: 4065, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.80.101.235, DL: 2, Dsts: 1, Pkts: 7078, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.188.250.64, DL: 2, Dsts: 2, Pkts: 14159, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.8.110.125, DL: 2, Dsts: 1, Pkts: 32279, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  213.121.212.121, DL: 2, Dsts: 4, Pkts: 16274, Unique sigs: 4

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.23.32.91, DL: 2, Dsts: 1, Pkts: 36354, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.127.46.214, DL: 2, Dsts: 24, Pkts: 841582, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  68.36.125.11, DL: 2, Dsts: 1, Pkts: 7081, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.4.243.252, DL: 2, Dsts: 1, Pkts: 36468, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.77.41.178, DL: 2, Dsts: 1, Pkts: 7082, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.31.125.234, DL: 2, Dsts: 1, Pkts: 4121, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.136.72.95, DL: 2, Dsts: 2, Pkts: 64703, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.75.144.177, DL: 2, Dsts: 2, Pkts: 40602, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.65.30.243, DL: 2, Dsts: 1, Pkts: 36481, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.79.158.195, DL: 2, Dsts: 1, Pkts: 32359, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.130.215.30, DL: 2, Dsts: 1, Pkts: 4126, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  198.45.18.20, DL: 2, Dsts: 2, Pkts: 8257, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.194.32.101, DL: 2, Dsts: 24, Pkts: 777500, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.162.49.64, DL: 2, Dsts: 1, Pkts: 7083, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.211.239.219, DL: 2, Dsts: 1, Pkts: 7084, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.136.62, DL: 2, Dsts: 1, Pkts: 4130, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.153.30.176, DL: 2, Dsts: 1, Pkts: 36563, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.21.24.41, DL: 2, Dsts: 1, Pkts: 7085, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.194.79.86, DL: 2, Dsts: 1, Pkts: 4132, Unique sigs: 2

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  60.35.87.112, DL: 2, Dsts: 1, Pkts: 32435, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.149.61.101, DL: 2, Dsts: 1, Pkts: 32438, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  83.31.155.15, DL: 2, Dsts: 24, Pkts: 779412, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  62.126.79.67, DL: 2, Dsts: 1, Pkts: 7087, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  202.64.148.178, DL: 2, Dsts: 1, Pkts: 7088, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.7.9.26, DL: 2, Dsts: 2, Pkts: 65027, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.152.233.208, DL: 2, Dsts: 2, Pkts: 8267, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.194.153.79, DL: 2, Dsts: 1, Pkts: 7089, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.93.221.40, DL: 2, Dsts: 1, Pkts: 36653, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.234.172.54, DL: 2, Dsts: 1, Pkts: 32521, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.17.117.142, DL: 2, Dsts: 1, Pkts: 4136, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.101.76.123, DL: 2, Dsts: 1, Pkts: 7090, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.8.105.96, DL: 2, Dsts: 1, Pkts: 32524, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.200.127.67, DL: 2, Dsts: 1, Pkts: 7091, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.175.135.173, DL: 2, Dsts: 1, Pkts: 7092, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.5.92.254, DL: 2, Dsts: 1, Pkts: 36662, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.146.24.226, DL: 2, Dsts: 24, Pkts: 781127, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  24.239.130.26, DL: 2, Dsts: 1, Pkts: 7093, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.139.184.89, DL: 2, Dsts: 3, Pkts: 21285, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  194.29.137.70, DL: 2, Dsts: 1, Pkts: 4138, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  194.203.40.52, DL: 2, Dsts: 2, Pkts: 8279, Unique sigs: 2

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.176.251.216, DL: 2, Dsts: 1, Pkts: 32570, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.155.197.17, DL: 2, Dsts: 1, Pkts: 36714, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.180.103.218, DL: 2, Dsts: 1, Pkts: 4142, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.165.119.27, DL: 2, Dsts: 1, Pkts: 32576, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.71.245.65, DL: 2, Dsts: 1, Pkts: 36722, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  218.11.200.71, DL: 2, Dsts: 1, Pkts: 7097, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.78.220.43, DL: 2, Dsts: 1, Pkts: 32581, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.59.22.246, DL: 2, Dsts: 1, Pkts: 36727, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.242.34.59, DL: 2, Dsts: 24, Pkts: 792114, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (15 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-445 (4 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (7 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)

SRC:  222.84.183.84, DL: 2, Dsts: 1, Pkts: 4148, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.233.95.230, DL: 2, Dsts: 1, Pkts: 7098, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.85.142.98, DL: 2, Dsts: 1, Pkts: 4149, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.12.131.212, DL: 2, Dsts: 3, Pkts: 21300, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.87.159.91, DL: 2, Dsts: 1, Pkts: 7102, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.56.93.196, DL: 2, Dsts: 1, Pkts: 7103, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.150.209.68, DL: 2, Dsts: 1, Pkts: 32731, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.114.66.186, DL: 2, Dsts: 1, Pkts: 4150, Unique sigs: 2

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.27.134.208, DL: 2, Dsts: 1, Pkts: 36885, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  130.91.229.208, DL: 2, Dsts: 2, Pkts: 14209, Unique sigs: 2

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.110.9.28, DL: 2, Dsts: 1, Pkts: 32742, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  212.171.238.124, DL: 2, Dsts: 1, Pkts: 32745, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.96.187.111, DL: 2, Dsts: 1, Pkts: 7106, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.23.242.137, DL: 2, Dsts: 1, Pkts: 7107, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.18.185.195, DL: 2, Dsts: 1, Pkts: 32746, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  167.95.36.79, DL: 2, Dsts: 1, Pkts: 36899, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.192.189.201, DL: 2, Dsts: 1, Pkts: 7108, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.176.188.156, DL: 2, Dsts: 1, Pkts: 32750, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  203.94.224.105, DL: 2, Dsts: 1, Pkts: 32753, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.204.104.73, DL: 2, Dsts: 24, Pkts: 786972, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  222.149.151.240, DL: 2, Dsts: 1, Pkts: 7109, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.118.214, DL: 2, Dsts: 1, Pkts: 4153, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  158.121.86.78, DL: 2, Dsts: 1, Pkts: 4154, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.22.63.208, DL: 2, Dsts: 1, Pkts: 36983, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.119.47.236, DL: 2, Dsts: 24, Pkts: 788772, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  63.23.27.8, DL: 2, Dsts: 1, Pkts: 7110, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.62.147.148, DL: 2, Dsts: 1, Pkts: 32903, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  35.11.228.62, DL: 2, Dsts: 1, Pkts: 37062, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  61.2.196.173, DL: 2, Dsts: 1, Pkts: 32908, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.123.18.62, DL: 2, Dsts: 1, Pkts: 32911, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.249.153.88, DL: 2, Dsts: 1, Pkts: 7111, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.81.200.36, DL: 2, Dsts: 24, Pkts: 790764, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  64.235.172.97, DL: 2, Dsts: 24, Pkts: 794893, Unique sigs: 45

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  63.188.113.192, DL: 2, Dsts: 1, Pkts: 4193, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  64.60.235.26, DL: 2, Dsts: 1, Pkts: 37367, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.154.67.104, DL: 2, Dsts: 1, Pkts: 33176, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  11.11.133.118, DL: 2, Dsts: 23, Pkts: 765105, Unique sigs: 23, local IP!

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1025-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1025-6129 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 10, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 7, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1025-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 8, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1025-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1025-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (18 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 18, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1025-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  61.15.84.38, DL: 2, Dsts: 1, Pkts: 4195, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.44.66.152, DL: 2, Dsts: 1, Pkts: 4196, Unique sigs: 2

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  202.154.225.82, DL: 2, Dsts: 24, Pkts: 801364, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.93.85.50, DL: 2, Dsts: 2, Pkts: 14225, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.41.31.77, DL: 2, Dsts: 1, Pkts: 7114, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.98.182.59, DL: 2, Dsts: 2, Pkts: 14231, Unique sigs: 2

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.80.153.191, DL: 2, Dsts: 1, Pkts: 7117, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.130.51.189, DL: 2, Dsts: 1, Pkts: 4197, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.52.181.170, DL: 2, Dsts: 20, Pkts: 668690, Unique sigs: 20

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.15.222.153, DL: 2, Dsts: 1, Pkts: 4198, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  80.36.118.70, DL: 2, Dsts: 1, Pkts: 33447, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  139.133.134.70, DL: 2, Dsts: 24, Pkts: 171391, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  61.53.108.75, DL: 2, Dsts: 1, Pkts: 33449, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.126.77.9, DL: 2, Dsts: 1, Pkts: 7164, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.106.116.167, DL: 2, Dsts: 24, Pkts: 803376, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  60.36.35.136, DL: 2, Dsts: 1, Pkts: 7165, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.80.133.251, DL: 2, Dsts: 1, Pkts: 37699, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.103.106.188, DL: 2, Dsts: 1, Pkts: 7166, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.201.200.65, DL: 2, Dsts: 1, Pkts: 37701, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.192.62.13, DL: 2, Dsts: 2, Pkts: 14335, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.2.121.24, DL: 2, Dsts: 1, Pkts: 33540, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.34.191.50, DL: 2, Dsts: 1, Pkts: 7169, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.199.121.191, DL: 2, Dsts: 1, Pkts: 7170, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.41.9, DL: 2, Dsts: 1, Pkts: 4201, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.177.18.14, DL: 2, Dsts: 1, Pkts: 33543, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.104.139.13, DL: 2, Dsts: 1, Pkts: 4202, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.220.97.95, DL: 2, Dsts: 1, Pkts: 7171, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.169.48.60, DL: 2, Dsts: 1, Pkts: 33545, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  207.239.42.179, DL: 2, Dsts: 1, Pkts: 4203, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.81.83.254, DL: 2, Dsts: 1, Pkts: 37750, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.77.253, DL: 2, Dsts: 1, Pkts: 7172, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  165.146.61.106, DL: 2, Dsts: 1, Pkts: 7173, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.13.246.248, DL: 2, Dsts: 1, Pkts: 37754, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.157.35.16, DL: 2, Dsts: 2, Pkts: 67103, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.96.19.108, DL: 2, Dsts: 24, Pkts: 805932, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  208.209.199.105, DL: 2, Dsts: 1, Pkts: 7174, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.16.212.177, DL: 2, Dsts: 1, Pkts: 37816, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.140.33.90, DL: 2, Dsts: 9, Pkts: 340479, Unique sigs: 9

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3306 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  84.94.31.194, DL: 2, Dsts: 24, Pkts: 807733, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.6.107.250, DL: 2, Dsts: 1, Pkts: 37918, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.109.122.17, DL: 2, Dsts: 1, Pkts: 33694, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  65.27.44.150, DL: 2, Dsts: 1, Pkts: 37921, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.126.215.65, DL: 2, Dsts: 1, Pkts: 37925, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.201.71.187, DL: 2, Dsts: 1, Pkts: 7175, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.166.146.131, DL: 2, Dsts: 1, Pkts: 37929, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.97.33.209, DL: 2, Dsts: 1, Pkts: 33704, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.167.58, DL: 2, Dsts: 1, Pkts: 4229, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.63.230.62, DL: 2, Dsts: 1, Pkts: 37935, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.92.149.247, DL: 2, Dsts: 24, Pkts: 809520, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.25.240.242, DL: 2, Dsts: 1, Pkts: 37985, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  146.64.114.11, DL: 2, Dsts: 1, Pkts: 4232, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.240.41.165, DL: 2, Dsts: 1, Pkts: 7184, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.190.92.13, DL: 2, Dsts: 9, Pkts: 65212, Unique sigs: 9

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (16 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 16, DP: 1027, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (14 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 14, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (17 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 17, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (16 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 16, DP: 1027, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (15 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 15, DP: 1026, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196

SRC:  10.137.160.5, DL: 2, Dsts: 1, Pkts: 4233, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.62.109.21, DL: 2, Dsts: 2, Pkts: 14595, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.228.95.114, DL: 2, Dsts: 1, Pkts: 33755, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  222.149.194.120, DL: 2, Dsts: 3, Pkts: 21900, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.202.236.60, DL: 2, Dsts: 1, Pkts: 37990, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.172.137.4, DL: 2, Dsts: 2, Pkts: 75988, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.94.194.57, DL: 2, Dsts: 1, Pkts: 4237, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.225.140.188, DL: 2, Dsts: 2, Pkts: 67544, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 42-1025 (18 packets)

SRC:  63.183.177.114, DL: 2, Dsts: 1, Pkts: 38021, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.57.31.30, DL: 2, Dsts: 1, Pkts: 7302, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  138.88.38.203, DL: 2, Dsts: 1, Pkts: 38025, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.135.228.138, DL: 2, Dsts: 1, Pkts: 7303, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.133.122.7, DL: 2, Dsts: 24, Pkts: 811552, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.233.125.123, DL: 2, Dsts: 1, Pkts: 38085, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.159.95.156, DL: 2, Dsts: 1, Pkts: 7304, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.11.237.14, DL: 2, Dsts: 4, Pkts: 29226, Unique sigs: 4

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.115.190.128, DL: 2, Dsts: 1, Pkts: 4241, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  212.47.129.52, DL: 2, Dsts: 1, Pkts: 7309, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.227.166.94, DL: 2, Dsts: 1, Pkts: 33848, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.15.150.234, DL: 2, Dsts: 24, Pkts: 102684, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  12.44.67.198, DL: 2, Dsts: 1, Pkts: 4314, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  69.244.80.211, DL: 2, Dsts: 1, Pkts: 7310, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.98.188.16, DL: 2, Dsts: 11, Pkts: 80493, Unique sigs: 11

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.1.236.253, DL: 2, Dsts: 1, Pkts: 4315, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  205.138.54.202, DL: 2, Dsts: 1, Pkts: 7324, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.182.116.9, DL: 2, Dsts: 1, Pkts: 33979, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  144.137.190.74, DL: 2, Dsts: 1, Pkts: 7325, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.232.128.100, DL: 2, Dsts: 1, Pkts: 38296, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.77.152.65, DL: 2, Dsts: 1, Pkts: 38300, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.170.252.157, DL: 2, Dsts: 1, Pkts: 4318, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.199.96.65, DL: 2, Dsts: 24, Pkts: 816483, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.37.70.58, DL: 2, Dsts: 1, Pkts: 4319, Unique sigs: 2

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  67.219.166.229, DL: 2, Dsts: 1, Pkts: 7326, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.156.220.65, DL: 2, Dsts: 1, Pkts: 7327, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.226.51.228, DL: 2, Dsts: 1, Pkts: 7328, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.88.153, DL: 2, Dsts: 1, Pkts: 4320, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  10.52.10.99, DL: 2, Dsts: 1, Pkts: 7329, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.75.29.42, DL: 2, Dsts: 1, Pkts: 7330, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.183.137.31, DL: 2, Dsts: 2, Pkts: 8643, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.137.207.123, DL: 2, Dsts: 10, Pkts: 73355, Unique sigs: 10

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.251.46.78, DL: 2, Dsts: 1, Pkts: 34057, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.63.99.46, DL: 2, Dsts: 1, Pkts: 34066, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.148.155.11, DL: 2, Dsts: 1, Pkts: 7341, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.102.139.32, DL: 2, Dsts: 1, Pkts: 7342, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  11.11.133.130, DL: 2, Dsts: 23, Pkts: 785577, Unique sigs: 5, local IP!
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1025 (7 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1025-6129 (7 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80-5554 (15 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1025-5554 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1025 (10 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1025 (5 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1025 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1025-5554 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1025 (7 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1025 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1025-5554 (13 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1025 (5 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1025 (1 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1025 (7 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80-6129 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-5554 (23 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1025 (8 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-5000 (10 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 80-6129 (24 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205

SRC:  81.211.254.119, DL: 2, Dsts: 1, Pkts: 7343, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.126.156.170, DL: 2, Dsts: 1, Pkts: 7344, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.200.120.21, DL: 2, Dsts: 1, Pkts: 34271, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.100.5.143, DL: 2, Dsts: 24, Pkts: 822804, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  210.118.163.249, DL: 2, Dsts: 24, Pkts: 823380, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.18.89.185, DL: 2, Dsts: 1, Pkts: 4323, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.133.106.27, DL: 2, Dsts: 1, Pkts: 34322, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  193.109.122.29, DL: 2, Dsts: 1, Pkts: 34323, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  62.150.64.161, DL: 2, Dsts: 2, Pkts: 14691, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.153.68.42, DL: 2, Dsts: 1, Pkts: 4324, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.11.4.75, DL: 2, Dsts: 1, Pkts: 34326, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.66.198.60, DL: 2, Dsts: 1, Pkts: 34329, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.0.195.171, DL: 2, Dsts: 16, Pkts: 515802, Unique sigs: 29

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.150.77.244, DL: 2, Dsts: 3, Pkts: 22049, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1027 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1027, Sid: 100196

SRC:  211.178.31.67, DL: 2, Dsts: 10, Pkts: 343625, Unique sigs: 10

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  69.240.108.59, DL: 2, Dsts: 1, Pkts: 7352, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.74.141.211, DL: 2, Dsts: 23, Pkts: 790922, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  222.120.39.247, DL: 2, Dsts: 3, Pkts: 103242, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  207.58.194.2, DL: 2, Dsts: 1, Pkts: 4341, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.74.135, DL: 2, Dsts: 1, Pkts: 7353, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.81.152.42, DL: 2, Dsts: 1, Pkts: 7354, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  59.95.0.146, DL: 2, Dsts: 1, Pkts: 34421, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.234.117.236, DL: 2, Dsts: 1, Pkts: 7355, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.57.197, DL: 2, Dsts: 2, Pkts: 14713, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.129.157, DL: 2, Dsts: 1, Pkts: 7358, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.205.6.71, DL: 2, Dsts: 1, Pkts: 38764, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.71.164.142, DL: 2, Dsts: 1, Pkts: 4343, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.53.61.228, DL: 2, Dsts: 1, Pkts: 7359, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.140.155.18, DL: 2, Dsts: 2, Pkts: 68851, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.53.107.129, DL: 2, Dsts: 1, Pkts: 34428, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  219.129.20.104, DL: 2, Dsts: 1, Pkts: 7360, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.239.53.138, DL: 2, Dsts: 1, Pkts: 7361, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.114.206.78, DL: 2, Dsts: 24, Pkts: 827160, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.202.21.225, DL: 2, Dsts: 1, Pkts: 34502, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.57.209.82, DL: 2, Dsts: 1, Pkts: 34505, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.96.90.37, DL: 2, Dsts: 5, Pkts: 36820, Unique sigs: 5

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.194.86.153, DL: 2, Dsts: 24, Pkts: 829020, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  64.174.46.89, DL: 2, Dsts: 1, Pkts: 38924, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.98.25.98, DL: 2, Dsts: 1, Pkts: 7367, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.78.4.2, DL: 2, Dsts: 24, Pkts: 177960, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208

SRC:  61.134.61.227, DL: 2, Dsts: 17, Pkts: 127010, Unique sigs: 17

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  151.30.204.182, DL: 2, Dsts: 1, Pkts: 7485, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.41.195.196, DL: 2, Dsts: 1, Pkts: 7486, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.45.161.221, DL: 2, Dsts: 1, Pkts: 34584, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  221.184.120.64, DL: 2, Dsts: 1, Pkts: 7487, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.147.184.52, DL: 2, Dsts: 1, Pkts: 7488, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.161.47, DL: 2, Dsts: 5, Pkts: 37455, Unique sigs: 5

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.1.120.219, DL: 2, Dsts: 1, Pkts: 7494, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.64.245.203, DL: 2, Dsts: 2, Pkts: 14991, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  204.100.91.113, DL: 2, Dsts: 1, Pkts: 4345, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.240.244.6, DL: 2, Dsts: 1, Pkts: 4346, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.80.21.8, DL: 2, Dsts: 1, Pkts: 4347, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.176.10.25, DL: 2, Dsts: 1, Pkts: 34616, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.20.98.236, DL: 2, Dsts: 1, Pkts: 7497, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.15.11.134, DL: 2, Dsts: 1, Pkts: 4348, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.115.97.143, DL: 2, Dsts: 1, Pkts: 7498, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.185.0.96, DL: 2, Dsts: 2, Pkts: 77940, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.232.252.188, DL: 2, Dsts: 1, Pkts: 4351, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  144.139.21.44, DL: 2, Dsts: 1, Pkts: 7499, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.222.72.193, DL: 2, Dsts: 1, Pkts: 34625, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.17.6.179, DL: 2, Dsts: 1, Pkts: 4352, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  196.202.144.124, DL: 2, Dsts: 1, Pkts: 7500, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.171.78.160, DL: 2, Dsts: 1, Pkts: 34628, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.99.149.123, DL: 2, Dsts: 1, Pkts: 4353, Unique sigs: 2

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  61.18.109.10, DL: 2, Dsts: 1, Pkts: 4354, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  85.96.251.223, DL: 2, Dsts: 1, Pkts: 7501, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.45.67.146, DL: 2, Dsts: 24, Pkts: 1053185, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139-445 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-445 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  135.143.22.182, DL: 2, Dsts: 24, Pkts: 834132, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  212.65.1.170, DL: 2, Dsts: 1, Pkts: 7557, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.236.208.25, DL: 2, Dsts: 2, Pkts: 43531, Unique sigs: 2

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.130.12.227, DL: 2, Dsts: 1, Pkts: 4383, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.111.168.14, DL: 2, Dsts: 1, Pkts: 34771, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.181.176.82, DL: 2, Dsts: 1, Pkts: 34774, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  219.133.134.75, DL: 2, Dsts: 1, Pkts: 34777, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.200.219.118, DL: 2, Dsts: 1, Pkts: 34813, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.43.34.206, DL: 2, Dsts: 24, Pkts: 836412, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  148.221.45.202, DL: 2, Dsts: 1, Pkts: 7558, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.126.109.211, DL: 2, Dsts: 23, Pkts: 804288, Unique sigs: 39

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 901-27374 (5 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 901-12345 (2 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 901-27374 (6 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 901-12345 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 901-3410 (2 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 901-12345 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 901-27374 (9 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 2, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3410-27374 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 901-27374 (4 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3410-27374 (3 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 1, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 1, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3410 (1 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 901-27374 (10 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 901-27374 (6 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 2, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 901-27374 (12 packets)
        Signature match: "BACKDOOR netbus Connection Cttempt" (tcp), Chain: FORWARD, Count: 3, DP: 12345, SYN, Sid: 100028
        Signature match: "BACKDOOR Subseven connection attempt" (tcp), Chain: FORWARD, Count: 3, DP: 27374, SYN, Sid: 100207

SRC:  172.169.133.68, DL: 2, Dsts: 1, Pkts: 7559, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.17.150.225, DL: 2, Dsts: 1, Pkts: 7560, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.20.215.12, DL: 2, Dsts: 1, Pkts: 4384, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.197.76.93, DL: 2, Dsts: 1, Pkts: 7561, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.130.232.3, DL: 2, Dsts: 1, Pkts: 4385, Unique sigs: 2

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.136.74.15, DL: 2, Dsts: 1, Pkts: 35058, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  70.182.70.176, DL: 2, Dsts: 1, Pkts: 7562, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  157.91.48.26, DL: 2, Dsts: 1, Pkts: 4386, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  194.73.118.78, DL: 2, Dsts: 1, Pkts: 4387, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.190.6.80, DL: 2, Dsts: 1, Pkts: 4388, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.166.186.154, DL: 2, Dsts: 1, Pkts: 7563, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.11.237.169, DL: 2, Dsts: 4, Pkts: 30262, Unique sigs: 4

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.202.216.40, DL: 2, Dsts: 24, Pkts: 842133, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.30.47.68, DL: 2, Dsts: 1, Pkts: 7568, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.238.193, DL: 2, Dsts: 1, Pkts: 4390, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  203.134.13.153, DL: 2, Dsts: 1, Pkts: 7569, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.241.191.127, DL: 2, Dsts: 1, Pkts: 35121, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.214.111.88, DL: 2, Dsts: 19, Pkts: 667821, Unique sigs: 19
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  165.165.225.26, DL: 2, Dsts: 1, Pkts: 7570, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.251.148, DL: 2, Dsts: 1, Pkts: 4391, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.34.88.154, DL: 2, Dsts: 3, Pkts: 22716, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.22.218.122, DL: 2, Dsts: 1, Pkts: 4392, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.192.114.6, DL: 2, Dsts: 1, Pkts: 7574, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.84, DL: 2, Dsts: 1, Pkts: 7576, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  213.240.253.186, DL: 2, Dsts: 24, Pkts: 845028, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  67.71.87.177, DL: 2, Dsts: 1, Pkts: 7577, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.0.254.23, DL: 2, Dsts: 1, Pkts: 4393, Unique sigs: 2

    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.85.150.187, DL: 2, Dsts: 2, Pkts: 70494, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  210.210.60.87, DL: 2, Dsts: 1, Pkts: 35252, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  218.16.240.227, DL: 2, Dsts: 1, Pkts: 35255, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.165.152.66, DL: 2, Dsts: 1, Pkts: 4394, Unique sigs: 1

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.209.72.249, DL: 2, Dsts: 1, Pkts: 7578, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.43.54.182, DL: 2, Dsts: 24, Pkts: 847020, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.195.234.75, DL: 2, Dsts: 1, Pkts: 4395, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.190.108.138, DL: 2, Dsts: 1, Pkts: 35328, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  213.100.56.207, DL: 2, Dsts: 16, Pkts: 121384, Unique sigs: 16

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.51.227.146, DL: 2, Dsts: 1, Pkts: 4396, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.103.103.35, DL: 2, Dsts: 1, Pkts: 7596, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  82.232.233.211, DL: 2, Dsts: 1, Pkts: 7597, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.20.14, DL: 2, Dsts: 1, Pkts: 4397, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.62.30.24, DL: 2, Dsts: 18, Pkts: 137045, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  63.18.79.51, DL: 2, Dsts: 1, Pkts: 4398, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.22.48.213, DL: 2, Dsts: 1, Pkts: 39730, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.107.111.57, DL: 2, Dsts: 1, Pkts: 7633, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.172.123.55, DL: 2, Dsts: 1, Pkts: 7634, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.62.90.180, DL: 2, Dsts: 1, Pkts: 39732, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.98.20.164, DL: 2, Dsts: 1, Pkts: 7635, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.81.185.38, DL: 2, Dsts: 24, Pkts: 848732, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.189.124.92, DL: 2, Dsts: 1, Pkts: 39795, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.137.240.77, DL: 2, Dsts: 1, Pkts: 7636, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.219.119.130, DL: 2, Dsts: 1, Pkts: 7637, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.18.70.107, DL: 2, Dsts: 1, Pkts: 39797, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.146, DL: 2, Dsts: 3, Pkts: 22917, Unique sigs: 3

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.90.4.61, DL: 2, Dsts: 1, Pkts: 4403, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.133.139.138, DL: 2, Dsts: 1, Pkts: 35397, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.185.79.21, DL: 2, Dsts: 1, Pkts: 7641, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.216.241, DL: 2, Dsts: 1, Pkts: 4404, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.202.68.211, DL: 2, Dsts: 24, Pkts: 850414, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  217.253.75.18, DL: 2, Dsts: 1, Pkts: 35470, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.15.27.56, DL: 2, Dsts: 1, Pkts: 4405, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.94.223.85, DL: 2, Dsts: 3, Pkts: 22929, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.179.140.133, DL: 2, Dsts: 1, Pkts: 7645, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.210.161.150, DL: 2, Dsts: 1, Pkts: 7646, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.40.101.18, DL: 2, Dsts: 2, Pkts: 15295, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.110.135.237, DL: 2, Dsts: 1, Pkts: 4406, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.131.131, DL: 2, Dsts: 1, Pkts: 7649, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.207.87.176, DL: 2, Dsts: 24, Pkts: 852180, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.145.91.57, DL: 2, Dsts: 1, Pkts: 4407, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.202.201.31, DL: 2, Dsts: 1, Pkts: 7650, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.3.160.89, DL: 2, Dsts: 1, Pkts: 7651, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.159.88.68, DL: 2, Dsts: 1, Pkts: 7652, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.26.195.206, DL: 2, Dsts: 1, Pkts: 4408, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.250.17.147, DL: 2, Dsts: 1, Pkts: 35545, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.130.172.112, DL: 2, Dsts: 1, Pkts: 7653, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.92.187.239, DL: 2, Dsts: 1, Pkts: 35548, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.66.67.134, DL: 2, Dsts: 1, Pkts: 7654, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.115.86.241, DL: 2, Dsts: 1, Pkts: 7655, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.147.176.187, DL: 2, Dsts: 3, Pkts: 106662, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.68.80.125, DL: 2, Dsts: 1, Pkts: 7656, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.156.233.168, DL: 2, Dsts: 1, Pkts: 4409, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.23.0.31, DL: 2, Dsts: 1, Pkts: 7657, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.170.85.231, DL: 2, Dsts: 1, Pkts: 39968, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.228.186, DL: 2, Dsts: 1, Pkts: 4411, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.170.44.136, DL: 2, Dsts: 1, Pkts: 4412, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.175.62.145, DL: 2, Dsts: 1, Pkts: 4413, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.153.101.212, DL: 2, Dsts: 1, Pkts: 4414, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.183.134.203, DL: 2, Dsts: 1, Pkts: 35561, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.208.53.234, DL: 2, Dsts: 24, Pkts: 854254, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  217.71.253.112, DL: 2, Dsts: 1, Pkts: 7658, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.157.212.176, DL: 2, Dsts: 1, Pkts: 7659, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.50.16.65, DL: 2, Dsts: 1, Pkts: 7660, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.149.230.217, DL: 2, Dsts: 1, Pkts: 35626, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.184.99.45, DL: 2, Dsts: 23, Pkts: 819993, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  61.129.70.29, DL: 2, Dsts: 1, Pkts: 7661, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.126.156, DL: 2, Dsts: 1, Pkts: 7662, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.156.238.89, DL: 2, Dsts: 23, Pkts: 820801, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  63.188.96.118, DL: 2, Dsts: 2, Pkts: 40116, Unique sigs: 1

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  68.250.190.161, DL: 2, Dsts: 1, Pkts: 40118, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.21.45.13, DL: 2, Dsts: 1, Pkts: 40122, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.132.242.114, DL: 2, Dsts: 1, Pkts: 4418, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.247.129.84, DL: 2, Dsts: 1, Pkts: 7663, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.187.149.211, DL: 2, Dsts: 1, Pkts: 7664, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  153.19.128.163, DL: 2, Dsts: 3, Pkts: 22998, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.55.131.90, DL: 2, Dsts: 24, Pkts: 857804, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.130.87.139, DL: 2, Dsts: 1, Pkts: 7668, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.120.177, DL: 2, Dsts: 1, Pkts: 40197, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.166.18.138, DL: 2, Dsts: 24, Pkts: 859572, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  59.104.163.190, DL: 2, Dsts: 1, Pkts: 7669, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.99.90.210, DL: 2, Dsts: 2, Pkts: 8841, Unique sigs: 2

    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.203.37.218, DL: 2, Dsts: 1, Pkts: 7670, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.216.14.14, DL: 2, Dsts: 1, Pkts: 35858, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  218.22.148.178, DL: 2, Dsts: 1, Pkts: 35859, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  168.221.143.68, DL: 2, Dsts: 1, Pkts: 4422, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  58.8.247.71, DL: 2, Dsts: 1, Pkts: 7671, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.161.16, DL: 2, Dsts: 17, Pkts: 130607, Unique sigs: 17

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.54.34.96, DL: 2, Dsts: 1, Pkts: 4423, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.238.223.66, DL: 2, Dsts: 5, Pkts: 57991, Unique sigs: 5

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  211.162.56.62, DL: 2, Dsts: 1, Pkts: 40291, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.96.123.74, DL: 2, Dsts: 1, Pkts: 35862, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  60.7.43.117, DL: 2, Dsts: 1, Pkts: 35864, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  84.67.151.61, DL: 2, Dsts: 1, Pkts: 35867, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.15.23.76, DL: 2, Dsts: 1, Pkts: 4431, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.217.133.134, DL: 2, Dsts: 1, Pkts: 7694, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.216.201.212, DL: 2, Dsts: 1, Pkts: 7695, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.31.219, DL: 2, Dsts: 3, Pkts: 23091, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.21.217, DL: 2, Dsts: 1, Pkts: 4432, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  209.6.133.124, DL: 2, Dsts: 10, Pkts: 358774, Unique sigs: 10

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  220.79.93.90, DL: 2, Dsts: 1, Pkts: 35889, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.130.69.94, DL: 2, Dsts: 24, Pkts: 862236, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.1.145.131, DL: 2, Dsts: 1, Pkts: 35963, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.19.82.85, DL: 2, Dsts: 1, Pkts: 4433, Unique sigs: 1

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.210.198.153, DL: 2, Dsts: 1, Pkts: 7699, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.194.160.209, DL: 2, Dsts: 1, Pkts: 7700, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.142.45.204, DL: 2, Dsts: 1, Pkts: 7701, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.232.144.84, DL: 2, Dsts: 1, Pkts: 4434, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.146.87.46, DL: 2, Dsts: 15, Pkts: 539565, Unique sigs: 15

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  67.95.99.12, DL: 2, Dsts: 1, Pkts: 7702, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.65.114.67, DL: 2, Dsts: 24, Pkts: 864184, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  12.174.230.2, DL: 2, Dsts: 1, Pkts: 40469, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.202.151.207, DL: 2, Dsts: 1, Pkts: 7703, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.147.251.122, DL: 2, Dsts: 2, Pkts: 80944, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.160.63.19, DL: 2, Dsts: 4, Pkts: 144154, Unique sigs: 4

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  80.177.64.60, DL: 2, Dsts: 1, Pkts: 7704, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.226.132.108, DL: 2, Dsts: 1, Pkts: 36042, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.6.98.142, DL: 2, Dsts: 3, Pkts: 23118, Unique sigs: 3

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.255.201.26, DL: 2, Dsts: 1, Pkts: 36045, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.61.32.16, DL: 2, Dsts: 2, Pkts: 15417, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.12.129.46, DL: 2, Dsts: 1, Pkts: 7710, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.39.131.144, DL: 2, Dsts: 7, Pkts: 82335, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  222.148.18.196, DL: 2, Dsts: 3, Pkts: 23160, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.18.143, DL: 2, Dsts: 1, Pkts: 40489, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.63.217.61, DL: 2, Dsts: 2, Pkts: 15445, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.205.9.229, DL: 2, Dsts: 24, Pkts: 106812, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.81.153.242, DL: 2, Dsts: 24, Pkts: 866124, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  210.216.255.113, DL: 2, Dsts: 2, Pkts: 72255, Unique sigs: 2

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.198.13, DL: 2, Dsts: 1, Pkts: 4463, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.48.93, DL: 2, Dsts: 1, Pkts: 4464, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.20.136.223, DL: 2, Dsts: 1, Pkts: 40626, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.140.25.187, DL: 2, Dsts: 1, Pkts: 36164, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  196.206.3.221, DL: 2, Dsts: 1, Pkts: 36167, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.188.65.90, DL: 2, Dsts: 1, Pkts: 7724, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.51.110.87, DL: 2, Dsts: 1, Pkts: 4466, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.188.100.51, DL: 2, Dsts: 16, Pkts: 578913, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  219.186.156.26, DL: 2, Dsts: 1, Pkts: 40663, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.18.76.196, DL: 2, Dsts: 1, Pkts: 4468, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  131.174.235.200, DL: 2, Dsts: 5, Pkts: 38635, Unique sigs: 5

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.83.59.15, DL: 2, Dsts: 1, Pkts: 36198, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.144.69.92, DL: 2, Dsts: 3, Pkts: 23193, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.16.184.138, DL: 2, Dsts: 1, Pkts: 4469, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  199.243.81.6, DL: 2, Dsts: 24, Pkts: 869635, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433-3306 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433-3306 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433-3306 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433-3306 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433-3306 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433-3306 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433-3306 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433-3306 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  217.40.6.181, DL: 2, Dsts: 24, Pkts: 871348, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.159.18.178, DL: 2, Dsts: 1, Pkts: 7733, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.89.174.62, DL: 2, Dsts: 1, Pkts: 44088, Unique sigs: 0

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-445 (12 packets)

SRC:  222.150.69.130, DL: 2, Dsts: 1, Pkts: 7737, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.166.83.149, DL: 2, Dsts: 1, Pkts: 36355, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  213.212.230.217, DL: 2, Dsts: 24, Pkts: 873420, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.147.126.38, DL: 2, Dsts: 1, Pkts: 7738, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.125.100.18, DL: 2, Dsts: 1, Pkts: 36430, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  207.114.230.77, DL: 2, Dsts: 1, Pkts: 4470, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.235.110.36, DL: 2, Dsts: 1, Pkts: 40904, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  85.66.21.48, DL: 2, Dsts: 1, Pkts: 36436, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.239.114.41, DL: 2, Dsts: 1, Pkts: 7739, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.76.210.85, DL: 2, Dsts: 1, Pkts: 36439, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.147.220.119, DL: 2, Dsts: 1, Pkts: 7740, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.241.245, DL: 2, Dsts: 1, Pkts: 7741, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.212.254.53, DL: 2, Dsts: 1, Pkts: 7742, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.10.188.178, DL: 2, Dsts: 1, Pkts: 36440, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 31105 (1 packets)
        Signature match: "BACKDOOR typot trojan traffic" (tcp), Chain: FORWARD, Count: 1, DP: 31105, SYN, Sid: 2182

SRC:  200.214.138.6, DL: 2, Dsts: 1, Pkts: 7743, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.148.154.130, DL: 2, Dsts: 1, Pkts: 7744, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.238.227.2, DL: 2, Dsts: 2, Pkts: 8945, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.59.164.110, DL: 2, Dsts: 1, Pkts: 7745, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.101.13.224, DL: 2, Dsts: 24, Pkts: 836970, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 21 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 21 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.134.49.44, DL: 2, Dsts: 5, Pkts: 38740, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.13.164.231, DL: 2, Dsts: 1, Pkts: 7751, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.150.182.157, DL: 2, Dsts: 1, Pkts: 36491, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  63.70.73.18, DL: 2, Dsts: 5, Pkts: 182536, Unique sigs: 5

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.16.110.242, DL: 2, Dsts: 1, Pkts: 4498, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.176.184.80, DL: 2, Dsts: 1, Pkts: 41017, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.127.6.22, DL: 2, Dsts: 4, Pkts: 31014, Unique sigs: 4

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.223.85.187, DL: 2, Dsts: 11, Pkts: 401828, Unique sigs: 11

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  66.110.124.5, DL: 2, Dsts: 1, Pkts: 4500, Unique sigs: 2

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  213.234.125.93, DL: 2, Dsts: 1, Pkts: 36541, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.147.245.215, DL: 2, Dsts: 1, Pkts: 7756, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.201.86.54, DL: 2, Dsts: 5, Pkts: 38795, Unique sigs: 5

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.18.43.201, DL: 2, Dsts: 1, Pkts: 36543, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  200.241.213.77, DL: 2, Dsts: 1, Pkts: 36546, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  195.214.236.65, DL: 2, Dsts: 1, Pkts: 7762, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.219.110.73, DL: 2, Dsts: 2, Pkts: 15527, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.137.203.253, DL: 2, Dsts: 1, Pkts: 36549, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  146.184.4.62, DL: 2, Dsts: 2, Pkts: 45555, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.152.209.158, DL: 2, Dsts: 24, Pkts: 877848, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  219.186.156.50, DL: 2, Dsts: 1, Pkts: 41104, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.202.40.156, DL: 2, Dsts: 2, Pkts: 73211, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  24.151.247.237, DL: 2, Dsts: 1, Pkts: 7765, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.239.137.125, DL: 2, Dsts: 17, Pkts: 623672, Unique sigs: 28

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-139 (2 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899-5900 (2 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-6101 (7 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-6101 (11 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 42-6101 (12 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 42 (1 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-6101 (18 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  220.213.23.37, DL: 2, Dsts: 1, Pkts: 36784, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.143.3.1, DL: 2, Dsts: 1, Pkts: 7766, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.186.168.149, DL: 2, Dsts: 1, Pkts: 4504, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.215.162.23, DL: 2, Dsts: 1, Pkts: 41292, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.48.15.133, DL: 2, Dsts: 24, Pkts: 883508, Unique sigs: 24
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  218.26.197.2, DL: 2, Dsts: 4, Pkts: 147366, Unique sigs: 4

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  63.187.224.244, DL: 2, Dsts: 1, Pkts: 4506, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.25.49.126, DL: 2, Dsts: 1, Pkts: 4507, Unique sigs: 1

    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.17.228.233, DL: 2, Dsts: 1, Pkts: 7767, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  149.156.34.9, DL: 2, Dsts: 24, Pkts: 884797, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  68.7.22.154, DL: 2, Dsts: 1, Pkts: 4508, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  164.47.99.114, DL: 2, Dsts: 1, Pkts: 7768, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.149.29.73, DL: 2, Dsts: 1, Pkts: 7769, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.123.82.226, DL: 2, Dsts: 1, Pkts: 36890, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  69.197.176.126, DL: 2, Dsts: 1, Pkts: 36891, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  66.17.67.51, DL: 2, Dsts: 1, Pkts: 41401, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.241.177.4, DL: 2, Dsts: 1, Pkts: 7770, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.7.176, DL: 2, Dsts: 1, Pkts: 7771, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.15.103.150, DL: 2, Dsts: 1, Pkts: 4510, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.232.157.228, DL: 2, Dsts: 1, Pkts: 7772, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.1.250.52, DL: 2, Dsts: 1, Pkts: 7773, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.7.70.209, DL: 2, Dsts: 2, Pkts: 15549, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.183.136.225, DL: 2, Dsts: 1, Pkts: 41406, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.23.93.179, DL: 2, Dsts: 24, Pkts: 886380, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  172.214.47.154, DL: 2, Dsts: 1, Pkts: 7776, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.80.77.156, DL: 2, Dsts: 2, Pkts: 73943, Unique sigs: 2

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  151.25.187.213, DL: 2, Dsts: 1, Pkts: 41495, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 25-60666 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  192.168.1.1, DL: 2, Dsts: 24, Pkts: 887892, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.210.23.29, DL: 2, Dsts: 2, Pkts: 15555, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.254.37.3, DL: 2, Dsts: 2, Pkts: 74023, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.16.136.237, DL: 2, Dsts: 1, Pkts: 7779, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.88.202.208, DL: 2, Dsts: 1, Pkts: 41527, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.145.198.47, DL: 2, Dsts: 1, Pkts: 37017, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  196.26.209.36, DL: 2, Dsts: 1, Pkts: 7780, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.5.92.163, DL: 2, Dsts: 1, Pkts: 4514, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.214.143.18, DL: 2, Dsts: 1, Pkts: 7781, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.100.154.101, DL: 2, Dsts: 1, Pkts: 4515, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  151.39.72.122, DL: 2, Dsts: 1, Pkts: 7782, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.90.87.7, DL: 2, Dsts: 2, Pkts: 9033, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.10.54.33, DL: 2, Dsts: 1, Pkts: 41536, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.140.141.244, DL: 2, Dsts: 1, Pkts: 37021, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  143.127.131.4, DL: 2, Dsts: 2, Pkts: 9039, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.170.233.137, DL: 2, Dsts: 1, Pkts: 41543, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.186.186.115, DL: 2, Dsts: 1, Pkts: 7783, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.194.211, DL: 2, Dsts: 1, Pkts: 4522, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.19.20.85, DL: 2, Dsts: 1, Pkts: 4523, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.211.224.75, DL: 2, Dsts: 1, Pkts: 7784, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.186.32.48, DL: 2, Dsts: 1, Pkts: 41549, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.100.151.202, DL: 2, Dsts: 1, Pkts: 7785, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.8.27, DL: 2, Dsts: 1, Pkts: 4525, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.13.160.47, DL: 2, Dsts: 1, Pkts: 7786, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.76.78.167, DL: 2, Dsts: 1, Pkts: 41638, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.133.67.51, DL: 2, Dsts: 8, Pkts: 62324, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.109.145.199, DL: 2, Dsts: 6, Pkts: 222756, Unique sigs: 6

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204

SRC:  83.72.132.14, DL: 2, Dsts: 1, Pkts: 7795, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.1.221.240, DL: 2, Dsts: 1, Pkts: 7796, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.122.161.57, DL: 2, Dsts: 1, Pkts: 37139, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  202.158.19.254, DL: 2, Dsts: 1, Pkts: 4527, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.24.162.23, DL: 2, Dsts: 1, Pkts: 41670, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.196.202.62, DL: 2, Dsts: 1, Pkts: 41674, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.49.65.32, DL: 2, Dsts: 1, Pkts: 7797, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.140.93.27, DL: 2, Dsts: 2, Pkts: 9061, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.31.36.21, DL: 2, Dsts: 1, Pkts: 37148, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  216.73.162.91, DL: 2, Dsts: 1, Pkts: 41681, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.161.153.3, DL: 2, Dsts: 1, Pkts: 4533, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.69.246.117, DL: 2, Dsts: 24, Pkts: 892476, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  84.128.131.216, DL: 2, Dsts: 1, Pkts: 4534, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  62.77.249.159, DL: 2, Dsts: 1, Pkts: 37224, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.173.118.194, DL: 2, Dsts: 1, Pkts: 41771, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.188.84.212, DL: 2, Dsts: 1, Pkts: 7798, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.173.141.17, DL: 2, Dsts: 1, Pkts: 4536, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.180.58.13, DL: 2, Dsts: 1, Pkts: 37237, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.147.148.55, DL: 2, Dsts: 1, Pkts: 37239, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  217.34.47.110, DL: 2, Dsts: 2, Pkts: 15599, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.217.244.14, DL: 2, Dsts: 2, Pkts: 15603, Unique sigs: 2

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.64.28.96, DL: 2, Dsts: 24, Pkts: 894242, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.68.193.178, DL: 2, Dsts: 2, Pkts: 15607, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.194.207.127, DL: 2, Dsts: 6, Pkts: 46845, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.21.127.246, DL: 2, Dsts: 1, Pkts: 4537, Unique sigs: 1

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.44.239.120, DL: 2, Dsts: 24, Pkts: 895572, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  24.61.26.136, DL: 2, Dsts: 1, Pkts: 4538, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.105.22.242, DL: 2, Dsts: 1, Pkts: 37353, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  68.192.101.237, DL: 2, Dsts: 1, Pkts: 41895, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.191.78.101, DL: 2, Dsts: 6, Pkts: 46881, Unique sigs: 6

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.125.34.141, DL: 2, Dsts: 1, Pkts: 7817, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.82.103.16, DL: 2, Dsts: 1, Pkts: 41899, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.52.123.184, DL: 2, Dsts: 1, Pkts: 7818, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.128.137.92, DL: 2, Dsts: 1, Pkts: 7819, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.169.77.204, DL: 2, Dsts: 24, Pkts: 897516, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.21.197.197, DL: 2, Dsts: 1, Pkts: 4541, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.157.41.97, DL: 2, Dsts: 1, Pkts: 37434, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.234.16.180, DL: 2, Dsts: 9, Pkts: 70416, Unique sigs: 9

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.245.224.23, DL: 2, Dsts: 1, Pkts: 37435, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  24.232.180.30, DL: 2, Dsts: 1, Pkts: 7829, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.116.151.124, DL: 2, Dsts: 1, Pkts: 41980, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.148.206.197, DL: 2, Dsts: 1, Pkts: 7830, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.166.75.205, DL: 2, Dsts: 1, Pkts: 37441, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  213.154.85.230, DL: 2, Dsts: 1, Pkts: 37444, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.236.60.224, DL: 2, Dsts: 24, Pkts: 899486, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.75.229.186, DL: 2, Dsts: 1, Pkts: 4543, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.6.96.11, DL: 2, Dsts: 24, Pkts: 189268, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (6 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 6, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (5 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 5, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208

SRC:  221.232.112.211, DL: 2, Dsts: 1, Pkts: 4544, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.38.253.90, DL: 2, Dsts: 1, Pkts: 7940, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  72.11.219.121, DL: 2, Dsts: 1, Pkts: 7941, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.188.40.5, DL: 2, Dsts: 1, Pkts: 42059, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.233.114.98, DL: 2, Dsts: 1, Pkts: 7942, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.248.255.40, DL: 2, Dsts: 1, Pkts: 7943, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.6.90.204, DL: 2, Dsts: 2, Pkts: 15889, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  80.103.44.17, DL: 2, Dsts: 1, Pkts: 7946, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.44.234.91, DL: 2, Dsts: 2, Pkts: 15895, Unique sigs: 2

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.98.29.60, DL: 2, Dsts: 3, Pkts: 23850, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.21.221, DL: 2, Dsts: 23, Pkts: 183194, Unique sigs: 23

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  221.127.177.142, DL: 2, Dsts: 10, Pkts: 79825, Unique sigs: 10

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.91.232.162, DL: 2, Dsts: 1, Pkts: 42100, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 7, Sid: 384

SRC:  61.18.251.186, DL: 2, Dsts: 1, Pkts: 4553, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.161.164.224, DL: 2, Dsts: 1, Pkts: 37551, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.106.127.90, DL: 2, Dsts: 24, Pkts: 925096, Unique sigs: 31

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 57-1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.253.67.123, DL: 2, Dsts: 1, Pkts: 37599, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.180.161.58, DL: 2, Dsts: 1, Pkts: 37602, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.184.240.203, DL: 2, Dsts: 1, Pkts: 4580, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.92.84.185, DL: 2, Dsts: 1, Pkts: 4581, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.91.165.239, DL: 2, Dsts: 1, Pkts: 37603, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  15.252.4.66, DL: 2, Dsts: 1, Pkts: 4582, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.79.221.77, DL: 2, Dsts: 1, Pkts: 7999, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.248.217.238, DL: 2, Dsts: 1, Pkts: 37615, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.99.90.243, DL: 2, Dsts: 3, Pkts: 13752, Unique sigs: 3

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.73.205.82, DL: 2, Dsts: 1, Pkts: 42202, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.131.209.93, DL: 2, Dsts: 1, Pkts: 8000, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.76.79.131, DL: 2, Dsts: 1, Pkts: 8001, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.79.76, DL: 2, Dsts: 1, Pkts: 4587, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.182.176.88, DL: 2, Dsts: 1, Pkts: 8002, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.64.8, DL: 2, Dsts: 1, Pkts: 42207, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  12.207.36.110, DL: 2, Dsts: 1, Pkts: 8003, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  216.90.227.213, DL: 2, Dsts: 1, Pkts: 8004, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.126.79.72, DL: 2, Dsts: 1, Pkts: 8006, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  69.159.27.240, DL: 2, Dsts: 1, Pkts: 42209, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.236.118.200, DL: 2, Dsts: 1, Pkts: 8007, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.58.66.241, DL: 2, Dsts: 1, Pkts: 37623, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.180.55.126, DL: 2, Dsts: 1, Pkts: 4590, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.157.32.40, DL: 2, Dsts: 2, Pkts: 79846, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.186.170.167, DL: 2, Dsts: 1, Pkts: 8008, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.160.13, DL: 2, Dsts: 1, Pkts: 4592, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.12.146.4, DL: 2, Dsts: 1, Pkts: 8009, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.5.106.135, DL: 2, Dsts: 4, Pkts: 32046, Unique sigs: 4

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.183.16.222, DL: 2, Dsts: 3, Pkts: 13784, Unique sigs: 3

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  193.250.44.93, DL: 2, Dsts: 1, Pkts: 8014, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.130.126.11, DL: 2, Dsts: 1, Pkts: 4597, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.43.36.7, DL: 2, Dsts: 1, Pkts: 8015, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.24.108.72, DL: 2, Dsts: 1, Pkts: 42239, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.124.72, DL: 2, Dsts: 1, Pkts: 4599, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.139.211.48, DL: 2, Dsts: 3, Pkts: 24051, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.38.176.116, DL: 2, Dsts: 24, Pkts: 194502, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026 (3 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 3, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026 (10 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 10, DP: 1026, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026 (11 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 11, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1026, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026 (12 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 12, DP: 1026, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196

SRC:  222.240.236.13, DL: 2, Dsts: 1, Pkts: 42242, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.47.218.192, DL: 2, Dsts: 1, Pkts: 37645, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.159.78.7, DL: 2, Dsts: 1, Pkts: 37667, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  200.199.115.202, DL: 2, Dsts: 1, Pkts: 4601, Unique sigs: 2

    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.234.158.97, DL: 2, Dsts: 1, Pkts: 4602, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.170.88.36, DL: 2, Dsts: 24, Pkts: 828579, Unique sigs: 46

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80-8080 (17 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80-8080 (10 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 2282 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 80-8080 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 2282-8080 (4 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80-8080 (13 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 2282-8080 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80-8080 (14 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 2282-3382 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80-8080 (25 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 2282-8080 (8 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 2282-8080 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 6588 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 2282-8080 (10 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80-8080 (9 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80-8080 (15 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 80-8080 (24 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 2282-8080 (3 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 8000, SYN, Sid: 100084
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80-8080 (22 packets)
        Signature match: "MISC HP Web JetAdmin communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 8000, SYN, Sid: 100084
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  60.48.217.17, DL: 2, Dsts: 24, Pkts: 909548, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  200.177.177.221, DL: 2, Dsts: 1, Pkts: 37939, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  217.81.68.232, DL: 2, Dsts: 1, Pkts: 8186, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.158.199.36, DL: 2, Dsts: 1, Pkts: 42603, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.95.71.102, DL: 2, Dsts: 1, Pkts: 42605, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.203.163.146, DL: 2, Dsts: 4, Pkts: 151794, Unique sigs: 4

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  220.229.159.123, DL: 2, Dsts: 1, Pkts: 8187, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.163.64.155, DL: 2, Dsts: 3, Pkts: 13994, Unique sigs: 3

    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.102.140.194, DL: 2, Dsts: 4, Pkts: 32758, Unique sigs: 4

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.100.5.92, DL: 2, Dsts: 24, Pkts: 911732, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  80.232.244.8, DL: 2, Dsts: 1, Pkts: 8192, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.141.93.82, DL: 2, Dsts: 2, Pkts: 9339, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.84.36.185, DL: 2, Dsts: 24, Pkts: 913629, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  211.98.106.146, DL: 2, Dsts: 1, Pkts: 38105, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.168.140.25, DL: 2, Dsts: 1, Pkts: 38106, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  69.3.198.78, DL: 2, Dsts: 1, Pkts: 42780, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.80.65.242, DL: 2, Dsts: 24, Pkts: 915516, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  194.230.187.61, DL: 2, Dsts: 1, Pkts: 8193, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  82.43.141.239, DL: 2, Dsts: 1, Pkts: 8194, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.159.80.7, DL: 2, Dsts: 2, Pkts: 76399, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-2745 (8 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80-3127 (9 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3127, SYN, Sid: 2375

SRC:  63.186.32.124, DL: 2, Dsts: 1, Pkts: 42879, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.187.160.72, DL: 2, Dsts: 24, Pkts: 917860, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.234.32.174, DL: 2, Dsts: 24, Pkts: 1186266, Unique sigs: 47
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 9, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.191.228.163, DL: 2, Dsts: 1, Pkts: 38622, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  211.171.21.194, DL: 2, Dsts: 24, Pkts: 927826, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.154.19.49, DL: 2, Dsts: 24, Pkts: 929200, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  66.13.9.170, DL: 2, Dsts: 1, Pkts: 43439, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.28.236.63, DL: 2, Dsts: 1, Pkts: 8264, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  67.174.206.121, DL: 2, Dsts: 1, Pkts: 43441, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.25.186.155, DL: 2, Dsts: 1, Pkts: 8265, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.185.177.181, DL: 2, Dsts: 1, Pkts: 43445, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.94.239.43, DL: 2, Dsts: 1, Pkts: 38745, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  59.189.73.120, DL: 2, Dsts: 1, Pkts: 38747, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.97.234.149, DL: 2, Dsts: 1, Pkts: 8266, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.112.118.151, DL: 2, Dsts: 1, Pkts: 8267, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.189.233.165, DL: 2, Dsts: 1, Pkts: 4702, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.39.250.121, DL: 2, Dsts: 1, Pkts: 8268, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.136.99.89, DL: 2, Dsts: 1, Pkts: 8269, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.49.3.20, DL: 2, Dsts: 1, Pkts: 4703, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.144.220.211, DL: 2, Dsts: 1, Pkts: 38749, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  4.248.219.255, DL: 2, Dsts: 1, Pkts: 8270, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.153.156.54, DL: 2, Dsts: 1, Pkts: 38752, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.25.236.125, DL: 2, Dsts: 1, Pkts: 4704, Unique sigs: 1

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.143.39.171, DL: 2, Dsts: 3, Pkts: 24816, Unique sigs: 3

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.187.79.177, DL: 2, Dsts: 2, Pkts: 16549, Unique sigs: 2

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.87.251.51, DL: 2, Dsts: 1, Pkts: 38755, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.110.59.94, DL: 2, Dsts: 2, Pkts: 16553, Unique sigs: 2

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.153.251.221, DL: 2, Dsts: 1, Pkts: 8278, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.81.49.228, DL: 2, Dsts: 1, Pkts: 38756, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  172.158.50.50, DL: 2, Dsts: 1, Pkts: 8279, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.64.250.204, DL: 2, Dsts: 24, Pkts: 930746, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  65.33.2.146, DL: 2, Dsts: 10, Pkts: 388154, Unique sigs: 10

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  81.161.245.83, DL: 2, Dsts: 1, Pkts: 38826, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  204.97.197.23, DL: 2, Dsts: 1, Pkts: 38829, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.42.63.2, DL: 2, Dsts: 1, Pkts: 8280, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.226.27.26, DL: 2, Dsts: 1, Pkts: 8281, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.117.34.230, DL: 2, Dsts: 17, Pkts: 660424, Unique sigs: 17
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  62.11.117.144, DL: 2, Dsts: 1, Pkts: 8282, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.158.94.106, DL: 2, Dsts: 1, Pkts: 43571, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  83.227.104.228, DL: 2, Dsts: 1, Pkts: 8283, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.142.99.29, DL: 2, Dsts: 1, Pkts: 38867, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.18.117.128, DL: 2, Dsts: 1, Pkts: 4706, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.206.42.149, DL: 2, Dsts: 24, Pkts: 934608, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204

SRC:  219.147.200.141, DL: 2, Dsts: 18, Pkts: 702369, Unique sigs: 18

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.15.90.202, DL: 2, Dsts: 1, Pkts: 4707, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.126.79.81, DL: 2, Dsts: 1, Pkts: 8285, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  220.174.144.241, DL: 2, Dsts: 3, Pkts: 117094, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  12.216.217.167, DL: 2, Dsts: 1, Pkts: 8286, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.91.92.253, DL: 2, Dsts: 1, Pkts: 8287, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.48.149.91, DL: 2, Dsts: 1, Pkts: 8288, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.126.139.238, DL: 2, Dsts: 1, Pkts: 8289, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.132.28.250, DL: 2, Dsts: 2, Pkts: 78071, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.74.38.64, DL: 2, Dsts: 1, Pkts: 43746, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.25.242.29, DL: 2, Dsts: 2, Pkts: 78085, Unique sigs: 2

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.126.79.80, DL: 2, Dsts: 1, Pkts: 8291, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  61.159.62.143, DL: 2, Dsts: 8, Pkts: 66368, Unique sigs: 8

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.145.199.121, DL: 2, Dsts: 1, Pkts: 43757, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384

SRC:  201.19.20.103, DL: 2, Dsts: 1, Pkts: 8301, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.176.177.115, DL: 2, Dsts: 1, Pkts: 4712, Unique sigs: 1

    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.130.138.36, DL: 2, Dsts: 1, Pkts: 8302, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.125.130.90, DL: 2, Dsts: 1, Pkts: 4713, Unique sigs: 2

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  63.157.28.81, DL: 2, Dsts: 1, Pkts: 4714, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.98.122.153, DL: 2, Dsts: 1, Pkts: 8303, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.48.46.136, DL: 2, Dsts: 1, Pkts: 8304, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.81.215.82, DL: 2, Dsts: 1, Pkts: 8305, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.252.76.247, DL: 2, Dsts: 1, Pkts: 43762, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.40.168.232, DL: 2, Dsts: 1, Pkts: 8306, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.216.134.226, DL: 2, Dsts: 24, Pkts: 938172, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.134.60.135, DL: 2, Dsts: 24, Pkts: 199936, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.206.119.144, DL: 2, Dsts: 1, Pkts: 43844, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.135.38.137, DL: 2, Dsts: 1, Pkts: 8353, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.213.160.239, DL: 2, Dsts: 1, Pkts: 8354, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  60.166.141.110, DL: 2, Dsts: 1, Pkts: 4717, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.188.41.195, DL: 2, Dsts: 1, Pkts: 43849, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.145.183.60, DL: 2, Dsts: 1, Pkts: 39133, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  151.30.255.150, DL: 2, Dsts: 1, Pkts: 39136, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.225.7.61, DL: 2, Dsts: 24, Pkts: 940164, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  198.216.120.100, DL: 2, Dsts: 1, Pkts: 4719, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.124.118.177, DL: 2, Dsts: 1, Pkts: 8355, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.82.106.253, DL: 2, Dsts: 1, Pkts: 8356, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.235.154.92, DL: 2, Dsts: 24, Pkts: 201911, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026-1027 (3 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 3, DP: 1027, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1026, Sid: 100196
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1026-1027 (7 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 7, DP: 1027, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1027, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1027, Sid: 100196
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1026-1027 (3 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 3, DP: 1027, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1027, Sid: 100196
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1026-1027 (6 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 6, DP: 1027, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1027 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1027, Sid: 100196
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 2, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026-1027 (3 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 3, DP: 1027, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1026, Sid: 100196
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1026-1027 (3 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 3, DP: 1027, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026-1027 (8 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 8, DP: 1027, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1027, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026-1027 (9 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 9, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026-1027 (5 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 5, DP: 1027, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026-1027 (4 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 4, DP: 1027, Sid: 100196

SRC:  63.183.169.26, DL: 2, Dsts: 1, Pkts: 4720, Unique sigs: 1

    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.96.179.169, DL: 2, Dsts: 1, Pkts: 8475, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.89.178.134, DL: 2, Dsts: 1, Pkts: 44124, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.233.30.200, DL: 2, Dsts: 24, Pkts: 946572, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  81.214.28.27, DL: 2, Dsts: 24, Pkts: 948300, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  81.40.22.202, DL: 2, Dsts: 1, Pkts: 8476, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.148.162.34, DL: 2, Dsts: 1, Pkts: 8477, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.61.92.147, DL: 2, Dsts: 1, Pkts: 44270, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.241.244.1, DL: 2, Dsts: 1, Pkts: 4723, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.79.93, DL: 2, Dsts: 1, Pkts: 8478, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.27.185.22, DL: 2, Dsts: 6, Pkts: 237312, Unique sigs: 6

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.123.212.238, DL: 2, Dsts: 1, Pkts: 39558, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.1.208.38, DL: 2, Dsts: 1, Pkts: 8479, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.99.106.157, DL: 2, Dsts: 1, Pkts: 39560, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  202.169.65.223, DL: 2, Dsts: 1, Pkts: 39563, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.141.248.29, DL: 2, Dsts: 1, Pkts: 8480, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.132.229.157, DL: 2, Dsts: 1, Pkts: 8481, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.139.140.200, DL: 2, Dsts: 1, Pkts: 8482, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  84.255.3.225, DL: 2, Dsts: 1, Pkts: 39566, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  83.131.116.49, DL: 2, Dsts: 1, Pkts: 44291, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.228.216.53, DL: 2, Dsts: 1, Pkts: 8483, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.86.103.14, DL: 2, Dsts: 1, Pkts: 8484, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.149.123, DL: 2, Dsts: 1, Pkts: 4725, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.90.151.85, DL: 2, Dsts: 16, Pkts: 633208, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  61.155.214.136, DL: 2, Dsts: 1, Pkts: 4726, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.241.154.70, DL: 2, Dsts: 24, Pkts: 950892, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.15.192.228, DL: 2, Dsts: 1, Pkts: 4727, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.157.32.116, DL: 2, Dsts: 1, Pkts: 4728, Unique sigs: 1

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.158.170.174, DL: 2, Dsts: 1, Pkts: 39658, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.191.10.135, DL: 2, Dsts: 1, Pkts: 8485, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.11.150.62, DL: 2, Dsts: 1, Pkts: 8486, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.75.62.214, DL: 2, Dsts: 16, Pkts: 634664, Unique sigs: 16

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.31.102.91, DL: 2, Dsts: 17, Pkts: 674611, Unique sigs: 17

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.124.100.156, DL: 2, Dsts: 1, Pkts: 8487, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.35.203.60, DL: 2, Dsts: 1, Pkts: 44421, Unique sigs: 2

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  220.217.134.229, DL: 2, Dsts: 9, Pkts: 76428, Unique sigs: 9

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  210.95.179.106, DL: 2, Dsts: 24, Pkts: 953500, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077

SRC:  84.228.24.120, DL: 2, Dsts: 2, Pkts: 79535, Unique sigs: 2

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  80.55.141.29, DL: 2, Dsts: 24, Pkts: 954959, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  218.203.173.118, DL: 2, Dsts: 24, Pkts: 955716, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.198.34.104, DL: 2, Dsts: 1, Pkts: 8497, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.85.244.116, DL: 2, Dsts: 1, Pkts: 4730, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  60.40.86.139, DL: 2, Dsts: 3, Pkts: 25497, Unique sigs: 3

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.44.151.61, DL: 2, Dsts: 1, Pkts: 40064, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.26.118.29, DL: 2, Dsts: 1, Pkts: 44798, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.65.14.74, DL: 2, Dsts: 1, Pkts: 4732, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.227.61.205, DL: 2, Dsts: 1, Pkts: 40069, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.156.195.194, DL: 2, Dsts: 1, Pkts: 4733, Unique sigs: 1

    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.83.17.60, DL: 2, Dsts: 1, Pkts: 8501, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.137.136.115, DL: 2, Dsts: 1, Pkts: 4734, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  84.162.3.135, DL: 2, Dsts: 1, Pkts: 40072, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  85.115.102.127, DL: 2, Dsts: 2, Pkts: 17005, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.228.102.20, DL: 2, Dsts: 1, Pkts: 8504, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.88.14.40, DL: 2, Dsts: 1, Pkts: 4735, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.218.131.239, DL: 2, Dsts: 24, Pkts: 1038189, Unique sigs: 24
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-139 (11 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-139 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-139 (8 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-139 (11 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-139 (11 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  200.141.4.87, DL: 2, Dsts: 1, Pkts: 8505, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.228.90.169, DL: 2, Dsts: 1, Pkts: 8506, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.94.38.124, DL: 2, Dsts: 1, Pkts: 45054, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.88.123.204, DL: 2, Dsts: 1, Pkts: 45056, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.122.16.7, DL: 2, Dsts: 1, Pkts: 45062, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-80 (5 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  24.202.162.93, DL: 2, Dsts: 1, Pkts: 4782, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.231.138, DL: 2, Dsts: 2, Pkts: 90138, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.17.77.27, DL: 2, Dsts: 1, Pkts: 40290, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.150.54.153, DL: 2, Dsts: 1, Pkts: 40293, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  62.0.47.68, DL: 2, Dsts: 1, Pkts: 4785, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  195.243.192.18, DL: 2, Dsts: 1, Pkts: 8507, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.134.164.86, DL: 2, Dsts: 1, Pkts: 8508, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.73.51.114, DL: 2, Dsts: 1, Pkts: 40297, Unique sigs: 1
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 4, DP: 1433, SYN, Sid: 100205

SRC:  221.230.7.201, DL: 2, Dsts: 1, Pkts: 40299, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  69.86.62.157, DL: 2, Dsts: 1, Pkts: 8509, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.77.150.228, DL: 2, Dsts: 1, Pkts: 8510, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.46.9.38, DL: 2, Dsts: 1, Pkts: 45086, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.126.79.87, DL: 2, Dsts: 1, Pkts: 8512, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  61.185.75.69, DL: 2, Dsts: 2, Pkts: 17027, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.36.165, DL: 2, Dsts: 1, Pkts: 4787, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.10.8.88, DL: 2, Dsts: 1, Pkts: 8515, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.90.77.149, DL: 2, Dsts: 1, Pkts: 40302, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  210.183.152.214, DL: 2, Dsts: 5, Pkts: 201525, Unique sigs: 5

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  60.176.255.198, DL: 2, Dsts: 1, Pkts: 40310, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.9.58.1, DL: 2, Dsts: 1, Pkts: 8516, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.76.65.59, DL: 2, Dsts: 2, Pkts: 9577, Unique sigs: 2

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.232.98.213, DL: 2, Dsts: 1, Pkts: 40317, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.219.193.174, DL: 2, Dsts: 2, Pkts: 17035, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.222.166.251, DL: 2, Dsts: 1, Pkts: 8519, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.192.203.239, DL: 2, Dsts: 1, Pkts: 40320, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  24.1.193.101, DL: 2, Dsts: 1, Pkts: 8520, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.157.75.224, DL: 2, Dsts: 1, Pkts: 40323, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.159.0.47, DL: 2, Dsts: 1, Pkts: 45116, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  194.202.218.1, DL: 2, Dsts: 1, Pkts: 4791, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  143.101.237.212, DL: 2, Dsts: 1, Pkts: 4792, Unique sigs: 1

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  70.93.104.75, DL: 2, Dsts: 3, Pkts: 57372, Unique sigs: 3

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  208.16.180.94, DL: 2, Dsts: 24, Pkts: 208058, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (11 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 11, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (11 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 11, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (11 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 11, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (11 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 11, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (11 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 11, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (12 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 12, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (10 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 10, DP: 1434, Sid: 100208

SRC:  61.15.160.62, DL: 2, Dsts: 1, Pkts: 4793, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.22.109.192, DL: 2, Dsts: 2, Pkts: 90256, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.104.206.85, DL: 2, Dsts: 1, Pkts: 4796, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.9.234.119, DL: 2, Dsts: 1, Pkts: 40338, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  210.207.210.57, DL: 2, Dsts: 24, Pkts: 968412, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  82.123.59.19, DL: 2, Dsts: 1, Pkts: 40365, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.71.58.68, DL: 2, Dsts: 4, Pkts: 35222, Unique sigs: 4

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.180.229.242, DL: 2, Dsts: 1, Pkts: 4797, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.18.100.249, DL: 2, Dsts: 1, Pkts: 4798, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.130.111.93, DL: 2, Dsts: 22, Pkts: 888762, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  61.185.77.13, DL: 2, Dsts: 1, Pkts: 8808, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.18.210.81, DL: 2, Dsts: 1, Pkts: 45230, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.22.17.4, DL: 2, Dsts: 1, Pkts: 45234, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  216.252.70.106, DL: 2, Dsts: 1, Pkts: 45236, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  222.136.78.192, DL: 2, Dsts: 24, Pkts: 971700, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (5 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 5, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (5 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 5, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (4 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 4, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (6 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 6, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  141.153.217.10, DL: 2, Dsts: 1, Pkts: 8809, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.108.1.230, DL: 2, Dsts: 1, Pkts: 4802, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.206.48.103, DL: 2, Dsts: 1, Pkts: 8810, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.80.223.173, DL: 2, Dsts: 1, Pkts: 45333, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  194.69.217.82, DL: 2, Dsts: 22, Pkts: 891921, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  220.131.165.53, DL: 2, Dsts: 24, Pkts: 974172, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  219.137.91.190, DL: 2, Dsts: 1, Pkts: 4804, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.186.101.146, DL: 2, Dsts: 1, Pkts: 40628, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  213.65.190.187, DL: 2, Dsts: 2, Pkts: 17623, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.81.201.80, DL: 2, Dsts: 1, Pkts: 40631, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  221.140.182.248, DL: 2, Dsts: 8, Pkts: 325203, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 42 (1 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 42-6101 (8 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 42-6101 (5 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 42-6101 (10 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  200.222.172.118, DL: 2, Dsts: 1, Pkts: 8813, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.214.218.3, DL: 2, Dsts: 1, Pkts: 8814, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.216.138.171, DL: 2, Dsts: 6, Pkts: 244144, Unique sigs: 11

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 42-6101 (8 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 42-6101 (4 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 5900, SYN, Sid: 100202
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 42-6101 (6 packets)
        Signature match: "MISC VNC communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 5900, SYN, Sid: 100202
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204

SRC:  220.9.84.73, DL: 2, Dsts: 1, Pkts: 45513, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  59.188.0.115, DL: 2, Dsts: 8, Pkts: 70548, Unique sigs: 8

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.218.82.87, DL: 2, Dsts: 24, Pkts: 977892, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  218.131.166.56, DL: 2, Dsts: 1, Pkts: 45589, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.144.75.16, DL: 2, Dsts: 4, Pkts: 127162, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.201.44.212, DL: 2, Dsts: 22, Pkts: 194639, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208

SRC:  200.150.49.67, DL: 2, Dsts: 1, Pkts: 40787, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  148.221.244.129, DL: 2, Dsts: 1, Pkts: 8871, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.19.37.21, DL: 2, Dsts: 1, Pkts: 4808, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.104.191.48, DL: 2, Dsts: 16, Pkts: 142222, Unique sigs: 16

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (4 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 4, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  66.142.195.1, DL: 2, Dsts: 1, Pkts: 4810, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  221.237.182.134, DL: 2, Dsts: 1, Pkts: 4811, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  80.108.241.224, DL: 2, Dsts: 24, Pkts: 115780, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.150.109.164, DL: 2, Dsts: 1, Pkts: 8902, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  24.19.35.48, DL: 2, Dsts: 1, Pkts: 4838, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.185.75.160, DL: 2, Dsts: 1, Pkts: 8903, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.88.137.195, DL: 2, Dsts: 1, Pkts: 45629, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  202.10.66.30, DL: 2, Dsts: 24, Pkts: 979260, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.74.218.70, DL: 2, Dsts: 1, Pkts: 40816, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3127, SYN, Sid: 2375

SRC:  211.72.156.59, DL: 2, Dsts: 1, Pkts: 8904, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.141.78.45, DL: 2, Dsts: 1, Pkts: 8905, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.155.208.117, DL: 2, Dsts: 1, Pkts: 45659, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.224.164.242, DL: 2, Dsts: 1, Pkts: 8906, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.167.73.145, DL: 2, Dsts: 1, Pkts: 8907, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  204.1.248.84, DL: 2, Dsts: 1, Pkts: 8908, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.181.48, DL: 2, Dsts: 1, Pkts: 4841, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  67.89.209.82, DL: 2, Dsts: 1, Pkts: 45662, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.91.184.41, DL: 2, Dsts: 1, Pkts: 8909, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.109.72.91, DL: 2, Dsts: 1, Pkts: 8910, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.107.206.141, DL: 2, Dsts: 1, Pkts: 40823, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  195.174.36.206, DL: 2, Dsts: 1, Pkts: 8911, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.174.52.59, DL: 2, Dsts: 1, Pkts: 8912, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.165.152.207, DL: 2, Dsts: 1, Pkts: 4843, Unique sigs: 1

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.58.93.182, DL: 2, Dsts: 1, Pkts: 40826, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.249.147.157, DL: 2, Dsts: 1, Pkts: 8913, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.217.50.33, DL: 2, Dsts: 1, Pkts: 45671, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.105.227, DL: 2, Dsts: 1, Pkts: 4845, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  217.113.176.73, DL: 2, Dsts: 1, Pkts: 40830, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  202.155.147.177, DL: 2, Dsts: 24, Pkts: 116596, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.179.31.13, DL: 2, Dsts: 1, Pkts: 40833, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  81.181.26.49, DL: 2, Dsts: 1, Pkts: 4872, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  128.173.89.220, DL: 2, Dsts: 3, Pkts: 26745, Unique sigs: 3

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.66.97.209, DL: 2, Dsts: 1, Pkts: 8917, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  207.114.160.65, DL: 2, Dsts: 1, Pkts: 45709, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.231.71, DL: 2, Dsts: 1, Pkts: 45711, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.83.153.59, DL: 2, Dsts: 16, Pkts: 142808, Unique sigs: 16

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  218.201.121.99, DL: 2, Dsts: 1, Pkts: 45714, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  200.167.57.75, DL: 2, Dsts: 1, Pkts: 8934, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.103.238.91, DL: 2, Dsts: 1, Pkts: 8935, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  70.186.2.72, DL: 2, Dsts: 1, Pkts: 4877, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.249.110.205, DL: 2, Dsts: 15, Pkts: 613311, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (12 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-445 (15 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)

SRC:  70.21.4.76, DL: 2, Dsts: 1, Pkts: 8936, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.185.28.41, DL: 2, Dsts: 24, Pkts: 214948, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  221.187.8.33, DL: 2, Dsts: 22, Pkts: 197726, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  200.178.220.160, DL: 2, Dsts: 1, Pkts: 40938, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  222.144.249.24, DL: 2, Dsts: 1, Pkts: 9001, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.163.169.72, DL: 1, Dsts: 24, Pkts: 10019, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.13.157.16, DL: 1, Dsts: 15, Pkts: 17622, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139-6101 (9 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139-445 (12 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445-6101 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.235.113.62, DL: 1, Dsts: 1, Pkts: 1917, Unique sigs: 0

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.201.59.47, DL: 1, Dsts: 1, Pkts: 1951, Unique sigs: 0

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-2745 (9 packets)

SRC:  63.165.152.122, DL: 1, Dsts: 1, Pkts: 2208, Unique sigs: 0

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  11.11.79.81, DL: 1, Dsts: 2, Pkts: 683, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (7 packets)

SRC:  63.183.129.19, DL: 1, Dsts: 1, Pkts: 2594, Unique sigs: 0

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.74.30.140, DL: 1, Dsts: 8, Pkts: 21949, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)

SRC:  63.161.253.15, DL: 1, Dsts: 1, Pkts: 3208, Unique sigs: 0

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-1025 (12 packets)

SRC:  63.113.188.135, DL: 1, Dsts: 24, Pkts: 78030, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (8 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.94.44.214, DL: 1, Dsts: 24, Pkts: 82401, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-445 (10 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-445 (11 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-445 (11 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-445 (11 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.242.64.246, DL: 1, Dsts: 10, Pkts: 36433, Unique sigs: 0

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (6 packets)

SRC:  216.56.16.19, DL: 1, Dsts: 1, Pkts: 3892, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445-1025 (6 packets)

SRC:  63.224.144.167, DL: 1, Dsts: 13, Pkts: 54514, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (6 packets)

SRC:  221.150.233.98, DL: 1, Dsts: 24, Pkts: 105884, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)

SRC:  63.189.136.17, DL: 1, Dsts: 1, Pkts: 4477, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.189.241.191, DL: 1, Dsts: 1, Pkts: 4811, Unique sigs: 0

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-2745 (12 packets)

SRC:  63.49.51.133, DL: 1, Dsts: 5, Pkts: 29211, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  24.85.143.94, DL: 1, Dsts: 1, Pkts: 6928, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.100.197.157, DL: 1, Dsts: 18, Pkts: 125154, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (4 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.168.58.144, DL: 1, Dsts: 3, Pkts: 23884, Unique sigs: 0

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-1025 (12 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (1 packets)

SRC:  218.172.165.140, DL: 1, Dsts: 1, Pkts: 8028, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.175.91.211, DL: 1, Dsts: 1, Pkts: 8035, Unique sigs: 0

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.162.132.215, DL: 1, Dsts: 13, Pkts: 111985, Unique sigs: 0

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.110.118.115, DL: 1, Dsts: 24, Pkts: 209681, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 6129 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 6129 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-6129 (5 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 6129 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-6129 (5 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-6129 (9 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-6129 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 6129 (3 packets)

SRC:  219.66.46.182, DL: 1, Dsts: 24, Pkts: 213471, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445-9898 (4 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445-9898 (7 packets)

SRC:  63.135.21.48, DL: 1, Dsts: 1, Pkts: 8988, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-6129 (12 packets)

SRC:  63.159.200.244, DL: 1, Dsts: 1, Pkts: 9117, Unique sigs: 0

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-1025 (8 packets)

SRC:  63.135.1.121, DL: 1, Dsts: 1, Pkts: 9126, Unique sigs: 0

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.16.143.56, DL: 1, Dsts: 1, Pkts: 9137, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445-6129 (5 packets)

SRC:  63.23.114.118, DL: 1, Dsts: 1, Pkts: 9207, Unique sigs: 0

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)

SRC:  63.13.249.148, DL: 1, Dsts: 1, Pkts: 9437, Unique sigs: 0

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.161.254.76, DL: 1, Dsts: 2, Pkts: 20334, Unique sigs: 0

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.18.91.228, DL: 1, Dsts: 1, Pkts: 10382, Unique sigs: 0

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.226.61.172, DL: 1, Dsts: 15, Pkts: 165768, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 139-445 (9 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.199.105.139, DL: 1, Dsts: 16, Pkts: 182135, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (6 packets)

SRC:  63.149.18.252, DL: 1, Dsts: 1, Pkts: 11673, Unique sigs: 0

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 2082-2745 (6 packets)

SRC:  63.13.210.238, DL: 1, Dsts: 3, Pkts: 35340, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  221.157.251.197, DL: 1, Dsts: 1, Pkts: 11929, Unique sigs: 0

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80-6129 (10 packets)

SRC:  63.122.72.2, DL: 1, Dsts: 3, Pkts: 35838, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-445 (9 packets)

SRC:  63.151.153.55, DL: 1, Dsts: 1, Pkts: 13205, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  11.11.79.73, DL: 1, Dsts: 2, Pkts: 5032, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (12 packets)

SRC:  63.18.38.253, DL: 1, Dsts: 1, Pkts: 13713, Unique sigs: 0

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-1025 (8 packets)

SRC:  63.198.129.123, DL: 1, Dsts: 11, Pkts: 154622, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.175.245.57, DL: 1, Dsts: 3, Pkts: 43161, Unique sigs: 0

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-1025 (12 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (1 packets)

SRC:  63.13.129.222, DL: 1, Dsts: 1, Pkts: 14790, Unique sigs: 0

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  62.43.25.192, DL: 1, Dsts: 1, Pkts: 14928, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  212.83.172.147, DL: 1, Dsts: 1, Pkts: 15023, Unique sigs: 0

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139-445 (5 packets)

SRC:  84.174.216.205, DL: 1, Dsts: 1, Pkts: 15058, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  11.11.79.80, DL: 1, Dsts: 2, Pkts: 8642, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (6 packets)

SRC:  63.187.241.222, DL: 1, Dsts: 1, Pkts: 15500, Unique sigs: 0

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-2745 (9 packets)

SRC:  70.20.132.214, DL: 1, Dsts: 1, Pkts: 15692, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  11.11.79.85, DL: 1, Dsts: 2, Pkts: 8705, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (7 packets)

SRC:  63.255.67.3, DL: 1, Dsts: 5, Pkts: 78552, Unique sigs: 0

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.21.158.19, DL: 1, Dsts: 1, Pkts: 15826, Unique sigs: 0

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.190.73.14, DL: 1, Dsts: 1, Pkts: 15907, Unique sigs: 0

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  66.168.32.13, DL: 1, Dsts: 1, Pkts: 15980, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.78.136.82, DL: 1, Dsts: 8, Pkts: 127971, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.173.141.99, DL: 1, Dsts: 10, Pkts: 170750, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (8 packets)

SRC:  63.161.222.155, DL: 1, Dsts: 9, Pkts: 174850, Unique sigs: 0

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  82.226.106.178, DL: 1, Dsts: 24, Pkts: 469834, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 21-139 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 21-139 (4 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 21-139 (5 packets)

SRC:  63.236.244.249, DL: 1, Dsts: 1, Pkts: 19866, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  61.80.24.244, DL: 1, Dsts: 24, Pkts: 508522, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)

SRC:  218.208.251.234, DL: 1, Dsts: 1, Pkts: 21311, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.19.130.230, DL: 1, Dsts: 1, Pkts: 21506, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.148.227.153, DL: 1, Dsts: 9, Pkts: 194436, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139-445 (4 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.171.108.239, DL: 1, Dsts: 24, Pkts: 526042, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  81.156.251.64, DL: 1, Dsts: 1, Pkts: 22847, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  218.166.99.52, DL: 1, Dsts: 1, Pkts: 23664, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.18.136.186, DL: 1, Dsts: 1, Pkts: 23828, Unique sigs: 0

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-1025 (12 packets)

SRC:  221.170.132.137, DL: 1, Dsts: 1, Pkts: 23863, Unique sigs: 0

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.13.226.244, DL: 1, Dsts: 3, Pkts: 72180, Unique sigs: 0

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.254.142.67, DL: 1, Dsts: 14, Pkts: 337349, Unique sigs: 0

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (3 packets)

SRC:  63.232.97.247, DL: 1, Dsts: 1, Pkts: 24129, Unique sigs: 0

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.168.113.203, DL: 1, Dsts: 1, Pkts: 24614, Unique sigs: 0

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-1025 (6 packets)

SRC:  63.249.110.73, DL: 1, Dsts: 9, Pkts: 225935, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.183.145.171, DL: 1, Dsts: 1, Pkts: 25160, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.193.147.111, DL: 1, Dsts: 6, Pkts: 151056, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.13.250.68, DL: 1, Dsts: 6, Pkts: 157170, Unique sigs: 0

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  218.229.228.94, DL: 1, Dsts: 24, Pkts: 630168, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445-9898 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1023-5554 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445-9898 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445-5554 (4 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1023-5554 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1023-5554 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445-5554 (4 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 5554-9898 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1023-5554 (4 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445-5554 (5 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445-9898 (5 packets)

SRC:  222.98.132.130, DL: 1, Dsts: 24, Pkts: 632756, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)

SRC:  4.229.204.123, DL: 1, Dsts: 1, Pkts: 26493, Unique sigs: 0

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)

SRC:  63.147.144.59, DL: 1, Dsts: 7, Pkts: 190895, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.110.159.51, DL: 1, Dsts: 11, Pkts: 302164, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-2745 (12 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  213.36.126.135, DL: 1, Dsts: 1, Pkts: 27495, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139-445 (5 packets)

SRC:  59.104.67.188, DL: 1, Dsts: 1, Pkts: 27501, Unique sigs: 0

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  61.79.221.104, DL: 1, Dsts: 24, Pkts: 662589, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1023-9898 (5 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 5554-9898 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 5554-9898 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 5554-9898 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 5554-9898 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 5554 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1023-9898 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1023-9898 (4 packets)

SRC:  63.19.236.109, DL: 1, Dsts: 1, Pkts: 27708, Unique sigs: 0

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)

SRC:  61.161.139.6, DL: 1, Dsts: 24, Pkts: 698998, Unique sigs: 0
    Source OS fingerprint:
        Linux (2.2.x kernel)

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 111-1024 (2 packets)
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 111-1024 (2 packets)
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 111-1024 (2 packets)
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 111 (4 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 111-1024 (4 packets)
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 111 (2 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 111-1024 (2 packets)
        Scanned ports: FORWARD br0 tcp 111 (2 packets)

SRC:  63.165.18.56, DL: 1, Dsts: 24, Pkts: 668539, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-445 (5 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.28.103.224, DL: 1, Dsts: 1, Pkts: 27911, Unique sigs: 0

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.230.227.97, DL: 1, Dsts: 12, Pkts: 337717, Unique sigs: 0

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (12 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139-445 (9 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  213.22.172.3, DL: 1, Dsts: 1, Pkts: 28488, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.194.246.176, DL: 1, Dsts: 9, Pkts: 266149, Unique sigs: 0

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.238.101.194, DL: 1, Dsts: 5, Pkts: 147966, Unique sigs: 0

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (2 packets)

SRC:  63.229.13.123, DL: 1, Dsts: 9, Pkts: 266542, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  218.187.101.161, DL: 1, Dsts: 1, Pkts: 36400, Unique sigs: 0

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 4296 (1 packets)
        Scanned ports: FORWARD br0 tcp 49-32787 (4 packets)

SRC:  213.58.103.253, DL: 1, Dsts: 1, Pkts: 30205, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.113.188.133, DL: 1, Dsts: 3, Pkts: 90921, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (6 packets)

SRC:  63.18.175.43, DL: 1, Dsts: 1, Pkts: 30704, Unique sigs: 0

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.13.161.192, DL: 1, Dsts: 4, Pkts: 122849, Unique sigs: 0

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 6101 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445-6101 (6 packets)

SRC:  61.207.128.207, DL: 1, Dsts: 1, Pkts: 30728, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.249.110.129, DL: 1, Dsts: 12, Pkts: 372402, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (1 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.26.48.59, DL: 1, Dsts: 1, Pkts: 31100, Unique sigs: 0

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-1025 (12 packets)

SRC:  63.93.238.99, DL: 1, Dsts: 2, Pkts: 62236, Unique sigs: 0

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.161.134.245, DL: 1, Dsts: 5, Pkts: 156378, Unique sigs: 0

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (4 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-6101 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.13.139.160, DL: 1, Dsts: 13, Pkts: 410297, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.171.108.232, DL: 1, Dsts: 6, Pkts: 189675, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  63.115.57.105, DL: 1, Dsts: 11, Pkts: 348163, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  141.150.20.219, DL: 1, Dsts: 1, Pkts: 31748, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  83.155.195.243, DL: 1, Dsts: 1, Pkts: 31780, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.78.136.16, DL: 1, Dsts: 12, Pkts: 384218, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139-445 (12 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (5 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (1 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.157.180.63, DL: 1, Dsts: 2, Pkts: 64524, Unique sigs: 0

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.189.49.86, DL: 1, Dsts: 1, Pkts: 32276, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-2745 (7 packets)

SRC:  63.184.192.14, DL: 1, Dsts: 1, Pkts: 32740, Unique sigs: 0

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.175.167.51, DL: 1, Dsts: 8, Pkts: 268161, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)

SRC:  11.11.79.72, DL: 1, Dsts: 2, Pkts: 14359, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (7 packets)

SRC:  63.113.211.23, DL: 1, Dsts: 24, Pkts: 814042, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135 (9 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (12 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135 (5 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135 (6 packets)

SRC:  63.186.9.185, DL: 1, Dsts: 1, Pkts: 34063, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.162.238.64, DL: 1, Dsts: 8, Pkts: 276819, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135 (6 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139 (3 packets)

SRC:  63.252.75.190, DL: 1, Dsts: 10, Pkts: 347961, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  85.165.215.209, DL: 1, Dsts: 1, Pkts: 35856, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.207.67.25, DL: 1, Dsts: 9, Pkts: 325294, Unique sigs: 0

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-139 (6 packets)

SRC:  63.202.35.60, DL: 1, Dsts: 24, Pkts: 889733, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.13.222.114, DL: 1, Dsts: 1, Pkts: 37233, Unique sigs: 0

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.200.100.98, DL: 1, Dsts: 9, Pkts: 337794, Unique sigs: 0
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  212.93.19.249, DL: 1, Dsts: 1, Pkts: 37612, Unique sigs: 0

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139-445 (9 packets)

SRC:  168.11.88.66, DL: 1, Dsts: 1, Pkts: 37638, Unique sigs: 0

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-1025 (9 packets)

SRC:  63.206.135.90, DL: 1, Dsts: 4, Pkts: 150643, Unique sigs: 0

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 445 (9 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)

SRC:  213.103.58.104, DL: 1, Dsts: 1, Pkts: 37937, Unique sigs: 0

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139-445 (6 packets)

SRC:  63.187.240.55, DL: 1, Dsts: 1, Pkts: 38031, Unique sigs: 0

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-2745 (9 packets)

SRC:  61.230.221.190, DL: 1, Dsts: 1, Pkts: 38187, Unique sigs: 0

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 25-6666 (6 packets)

SRC:  63.191.160.161, DL: 1, Dsts: 1, Pkts: 39053, Unique sigs: 0

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-2745 (6 packets)

SRC:  63.124.1.5, DL: 1, Dsts: 24, Pkts: 943392, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-6129 (8 packets)

SRC:  63.13.232.193, DL: 1, Dsts: 11, Pkts: 438445, Unique sigs: 0

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 445 (6 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139-445 (9 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 445 (2 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 445 (3 packets)

SRC:  63.117.246.27, DL: 1, Dsts: 24, Pkts: 959337, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 135-445 (4 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 135-445 (7 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 135-445 (8 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 135-445 (9 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 135-445 (6 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 135-445 (10 packets)
