[+] Top 50 signature matches:
      "MISC Radmin Default install options attempt" (tcp),  Count: 12246,  Unique sources: 215,  Sid: 100204
      "MISC Microsoft SQL Server communication attempt" (tcp),  Count: 9841,  Unique sources: 729,  Sid: 100205
      "PSAD-CUSTOM Slammer communication attempt" (udp),  Count: 5979,  Unique sources: 1617,  Sid: 100208
      "ICMP PING" (icmp),  Count: 4877,  Unique sources: 1384,  Sid: 384
      "ICMP PING Sun Solaris" (icmp),  Count: 1766,  Unique sources: 124,  Sid: 381
      "MISC Windows popup spam attempt" (udp),  Count: 1411,  Unique sources: 36,  Sid: 100196
      "BACKDOOR DoomJuice file upload attempt" (tcp),  Count: 738,  Unique sources: 59,  Sid: 2375
      "MISC MS Terminal Server communication attempt" (tcp),  Count: 730,  Unique sources: 12,  Sid: 100077
      "MISC VNC communication attempt" (tcp),  Count: 194,  Unique sources: 7,  Sid: 100202
      "MISC HP Web JetAdmin communication attempt" (tcp),  Count: 164,  Unique sources: 9,  Sid: 100084
      "BACKDOOR netbus Connection Cttempt" (tcp),  Count: 96,  Unique sources: 2,  Sid: 100028
      "BACKDOOR Subseven connection attempt" (tcp),  Count: 78,  Unique sources: 2,  Sid: 100207
      "DOS arkiea backup communication attempt" (tcp),  Count: 71,  Unique sources: 1,  Sid: 282
      "BACKDOOR typot trojan traffic" (tcp),  Count: 37,  Unique sources: 11,  Sid: 2182
      "ICMP traceroute" (icmp),  Count: 33,  Unique sources: 2,  Sid: 385
      "BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt" (tcp),  Count: 28,  Unique sources: 1,  Sid: 100041
      "PSAD-CUSTOM Kuang2 virus communication attempt" (tcp),  Count: 9,  Unique sources: 1,  Sid: 100206
      "P2P napster communication attempt" (tcp),  Count: 6,  Unique sources: 1,  Sid: 100090
      "POLICY vncviewer Java applet communication attempt" (tcp),  Count: 1,  Unique sources: 1,  Sid: 1846
      "RPC portmap listing UDP 32771" (udp),  Count: 1,  Unique sources: 1,  Sid: 1281
      "ICMP Large ICMP Packet" (icmp),  Count: 1,  Unique sources: 1,  Sid: 499
[+] Top 25 attackers:
      82.42.102.90    DL: 2, Packets: 2, Sig count: 1
      172.172.125.249 DL: 2, Packets: 1, Sig count: 1
      222.248.13.38   DL: 2, Packets: 2, Sig count: 1
      81.195.3.202    DL: 2, Packets: 1, Sig count: 1
      63.91.25.179    DL: 2, Packets: 1, Sig count: 1
      221.209.56.17   DL: 2, Packets: 2, Sig count: 1
      211.229.94.192  DL: 2, Packets: 35, Sig count: 35
      146.129.242.30  DL: 2, Packets: 1, Sig count: 1
      201.254.227.2   DL: 2, Packets: 3, Sig count: 3
      69.211.59.234   DL: 2, Packets: 1, Sig count: 1
      81.86.102.64    DL: 2, Packets: 1, Sig count: 1
      195.122.21.119  DL: 2, Packets: 1, Sig count: 1
      220.152.76.204  DL: 2, Packets: 1, Sig count: 1
      222.149.177.224 DL: 2, Packets: 1, Sig count: 1
      210.127.255.156 DL: 2, Packets: 3, Sig count: 3
      84.222.61.42    DL: 2, Packets: 1, Sig count: 1
      220.249.95.131  DL: 2, Packets: 2, Sig count: 1
      218.154.82.100  DL: 2, Packets: 1, Sig count: 2
      85.65.187.234   DL: 2, Packets: 72, Sig count: 72
      66.30.106.216   DL: 2, Packets: 1, Sig count: 1
      66.131.126.31   DL: 2, Packets: 2, Sig count: 1
      207.181.177.58  DL: 2, Packets: 47, Sig count: 47
      211.91.221.208  DL: 2, Packets: 1, Sig count: 1
      63.175.148.150  DL: 2, Packets: 3, Sig count: 3
[+] Top 20 scanned ports:
      tcp 135   56400 packets
      tcp 445   27142 packets
      tcp 139   16510 packets
      tcp 4899  12246 packets
      tcp 1433  9841 packets
      tcp 3306  4786 packets
      tcp 80    3924 packets
      tcp 22    2829 packets
      tcp 42    2413 packets
      tcp 21    1387 packets
      tcp 1025  1215 packets
      tcp 5554  880 packets
      tcp 3389  730 packets
      tcp 25    723 packets
      tcp 3127  638 packets
      tcp 9898  620 packets
      tcp 6129  529 packets
      tcp 6101  493 packets
      tcp 2100  399 packets
      tcp 1023  363 packets


      udp 1434  5979 packets
      udp 137   3448 packets
      udp 1026  907 packets
      udp 514   810 packets
      udp 1027  527 packets
      udp 53    320 packets
      udp 3412  64 packets
      udp 43215 50 packets
      udp 1     46 packets
      udp 135   39 packets
      udp 5093  33 packets
      udp 111   20 packets
      udp 1024  19 packets
      udp 9969  4 packets
      udp 666   3 packets
      udp 1432  2 packets
      udp 14328 2 packets
      udp 13866 1 packets
      udp 7     1 packets
      udp 6195  1 packets
Netfilter log prefix counters:
      "Drop udp after inbound try": 27
      "OUTBOUND CONN UDP:": 955
      "INBOUND UDP:": 11374
      "Drop TCP after 17 attempts": 14
      "OUTBOUND CONN TCP:": 1664
      "INBOUND TCP:": 160789
      "INBOUND ICMP:": 4877
      "Drop udp after 23 attempts": 35
      "Drop it after inbound try": 1

    Total scan sources: 4205
    Total scan destinations: 70
    Total packet counters: tcp: 40938, udp: 9001, icmp: 4877

[+] IP Status Detail:

SRC:  82.42.102.90, DL: 2, Dsts: 1, Pkts: 2, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.172.125.249, DL: 2, Dsts: 1, Pkts: 1, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.248.13.38, DL: 2, Dsts: 1, Pkts: 4, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.195.3.202, DL: 2, Dsts: 1, Pkts: 2, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.91.25.179, DL: 2, Dsts: 1, Pkts: 3, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.209.56.17, DL: 2, Dsts: 1, Pkts: 7, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.229.94.192, DL: 2, Dsts: 13, Pkts: 280, Unique sigs: 13

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  146.129.242.30, DL: 2, Dsts: 1, Pkts: 5, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.254.227.2, DL: 2, Dsts: 1, Pkts: 41, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.211.59.234, DL: 2, Dsts: 1, Pkts: 3, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.86.102.64, DL: 2, Dsts: 1, Pkts: 4, Unique sigs: 1

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.122.21.119, DL: 2, Dsts: 1, Pkts: 5, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.152.76.204, DL: 2, Dsts: 1, Pkts: 6, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.149.177.224, DL: 2, Dsts: 1, Pkts: 6, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  210.127.255.156, DL: 2, Dsts: 1, Pkts: 44, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.222.61.42, DL: 2, Dsts: 1, Pkts: 7, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.249.95.131, DL: 2, Dsts: 1, Pkts: 52, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.154.82.100, DL: 2, Dsts: 1, Pkts: 8, Unique sigs: 2

    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  85.65.187.234, DL: 2, Dsts: 24, Pkts: 1980, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  66.30.106.216, DL: 2, Dsts: 1, Pkts: 9, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.131.126.31, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  207.181.177.58, DL: 2, Dsts: 24, Pkts: 832, Unique sigs: 24

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  211.91.221.208, DL: 2, Dsts: 1, Pkts: 58, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.175.148.150, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.187.118.39, DL: 2, Dsts: 1, Pkts: 59, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.202.205.64, DL: 2, Dsts: 1, Pkts: 8, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.248.3.235, DL: 2, Dsts: 8, Pkts: 108, Unique sigs: 8

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  211.212.230.147, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  202.105.129.215, DL: 2, Dsts: 1, Pkts: 60, Unique sigs: 2

    DST: 11.11.79.89
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  211.177.79.44, DL: 2, Dsts: 24, Pkts: 7658, Unique sigs: 43

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 57-1433 (7 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 57-139 (10 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 57-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139-1433 (9 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 57-1433 (8 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 57-139 (9 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 57-1433 (15 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 57-1433 (11 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 5, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 57-1433 (13 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57 (6 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 57-1433 (12 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 5, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 57-1433 (14 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 6, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 57-1433 (10 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  61.185.75.121, DL: 2, Dsts: 3, Pkts: 63, Unique sigs: 3

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  68.42.156.108, DL: 2, Dsts: 1, Pkts: 23, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.150.117.3, DL: 2, Dsts: 1, Pkts: 24, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  138.73.71.118, DL: 2, Dsts: 1, Pkts: 472, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.88.15.41, DL: 2, Dsts: 1, Pkts: 110, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  208.211.19.57, DL: 2, Dsts: 3, Pkts: 78, Unique sigs: 3

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.98.20.130, DL: 2, Dsts: 1, Pkts: 28, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.209.82.20, DL: 2, Dsts: 1, Pkts: 29, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  64.62.145.98, DL: 2, Dsts: 24, Pkts: 16856, Unique sigs: 0

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 22-80 (21 packets)
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 22-80 (4 packets)
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 80 (20 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 80 (19 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 22-80 (22 packets)
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 22-80 (20 packets)

SRC:  80.73.209.173, DL: 2, Dsts: 1, Pkts: 30, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  219.84.78.31, DL: 2, Dsts: 1, Pkts: 111, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  201.1.110.192, DL: 2, Dsts: 1, Pkts: 922, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.142.70.108, DL: 2, Dsts: 1, Pkts: 112, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.177.153.106, DL: 2, Dsts: 1, Pkts: 1036, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  213.120.98.50, DL: 2, Dsts: 1, Pkts: 31, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  217.221.171.21, DL: 2, Dsts: 1, Pkts: 32, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.108.90.23, DL: 2, Dsts: 2, Pkts: 229, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.140.254.50, DL: 2, Dsts: 8, Pkts: 307, Unique sigs: 8

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (3 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 3, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.116.15.241, DL: 2, Dsts: 1, Pkts: 116, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.174.220.106, DL: 2, Dsts: 1, Pkts: 926, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  4.249.135.159, DL: 2, Dsts: 1, Pkts: 44, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.128.13.102, DL: 2, Dsts: 1, Pkts: 1044, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.173.187.144, DL: 2, Dsts: 1, Pkts: 118, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.11.200.77, DL: 2, Dsts: 1, Pkts: 45, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.144.232.176, DL: 2, Dsts: 1, Pkts: 46, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.11.200.59, DL: 2, Dsts: 1, Pkts: 47, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.208.177.186, DL: 2, Dsts: 1, Pkts: 930, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.249.222.67, DL: 2, Dsts: 24, Pkts: 23220, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  221.11.156.218, DL: 2, Dsts: 1, Pkts: 1005, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  69.251.26.49, DL: 2, Dsts: 1, Pkts: 48, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  83.17.61.186, DL: 2, Dsts: 2, Pkts: 239, Unique sigs: 4

    DST: 11.11.79.81
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381
    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  221.168.197.4, DL: 2, Dsts: 1, Pkts: 1008, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.20.115.100, DL: 2, Dsts: 1, Pkts: 1009, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  218.85.238.186, DL: 2, Dsts: 1, Pkts: 1012, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  200.74.33.101, DL: 2, Dsts: 1, Pkts: 49, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.40.106.194, DL: 2, Dsts: 1, Pkts: 1015, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  220.76.67.248, DL: 2, Dsts: 24, Pkts: 25260, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  210.195.12.11, DL: 2, Dsts: 1, Pkts: 50, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  130.239.67.227, DL: 2, Dsts: 1, Pkts: 51, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.243.196.240, DL: 2, Dsts: 1, Pkts: 52, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.106.185.37, DL: 2, Dsts: 1, Pkts: 53, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  222.118.116.132, DL: 2, Dsts: 24, Pkts: 26583, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  66.60.32.126, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 2

    DST: 11.11.79.83
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.164.48.163, DL: 2, Dsts: 1, Pkts: 1129, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3127 (3 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3127, SYN, Sid: 2375

SRC:  67.126.194.45, DL: 2, Dsts: 2, Pkts: 245, Unique sigs: 2

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.240.29.3, DL: 2, Dsts: 2, Pkts: 109, Unique sigs: 2

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  194.179.25.55, DL: 2, Dsts: 2, Pkts: 113, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.191.113.85, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.67
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.191.128.14, DL: 2, Dsts: 2, Pkts: 251, Unique sigs: 2

    DST: 11.11.79.82
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.184.231.133, DL: 2, Dsts: 1, Pkts: 1131, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  220.158.63.23, DL: 2, Dsts: 1, Pkts: 58, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.217.79.250, DL: 2, Dsts: 1, Pkts: 59, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  12.17.180.104, DL: 2, Dsts: 1, Pkts: 1344, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.179.251.125, DL: 2, Dsts: 24, Pkts: 30108, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  4.232.57.228, DL: 2, Dsts: 1, Pkts: 60, Unique sigs: 1

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  85.33.107.145, DL: 2, Dsts: 19, Pkts: 24740, Unique sigs: 19

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.196.112.117, DL: 2, Dsts: 1, Pkts: 61, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.99.177.56, DL: 2, Dsts: 8, Pkts: 524, Unique sigs: 8

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  151.44.154.244, DL: 2, Dsts: 1, Pkts: 70, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  148.223.119.56, DL: 2, Dsts: 1, Pkts: 71, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.18.240.122, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.69.63.171, DL: 2, Dsts: 3, Pkts: 2764, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.26.221.160, DL: 2, Dsts: 1, Pkts: 1452, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  146.145.49.181, DL: 2, Dsts: 24, Pkts: 35638, Unique sigs: 34
    Source OS fingerprint:
        Windows NT

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (6 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 57-1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (7 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 139-1433 (5 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 3, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 137 (2 packets)
        Scanned ports: FORWARD br0 tcp 57-139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 57 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 57-1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 137 (3 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 137 (1 packets)
        Scanned ports: FORWARD br0 tcp 57-1433 (4 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  62.175.7.79, DL: 2, Dsts: 1, Pkts: 103, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.124.104.154, DL: 2, Dsts: 1, Pkts: 104, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.161.252.199, DL: 2, Dsts: 1, Pkts: 105, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.153.220.158, DL: 2, Dsts: 2, Pkts: 1712, Unique sigs: 2

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  4.227.29.211, DL: 2, Dsts: 1, Pkts: 106, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.233.9.244, DL: 2, Dsts: 1, Pkts: 1561, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.165.172.81, DL: 2, Dsts: 1, Pkts: 158, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.0.241.249, DL: 2, Dsts: 1, Pkts: 108, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208

SRC:  63.28.114.152, DL: 2, Dsts: 1, Pkts: 1407, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.207.26.199, DL: 2, Dsts: 2, Pkts: 219, Unique sigs: 2

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.178.57.62, DL: 2, Dsts: 1, Pkts: 159, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.215.154.19, DL: 2, Dsts: 3, Pkts: 4234, Unique sigs: 3

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  61.185.28.106, DL: 2, Dsts: 4, Pkts: 452, Unique sigs: 4

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (2 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 2, DP: 1434, Sid: 100208
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.17.38.80, DL: 2, Dsts: 1, Pkts: 1576, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.233.44, DL: 2, Dsts: 1, Pkts: 161, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  82.125.199.246, DL: 2, Dsts: 1, Pkts: 116, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  62.209.160.173, DL: 2, Dsts: 24, Pkts: 34599, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.172.23, DL: 2, Dsts: 1, Pkts: 162, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.122.195.88, DL: 2, Dsts: 1, Pkts: 117, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.9.84.90, DL: 2, Dsts: 1, Pkts: 1630, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  63.159.173.1, DL: 2, Dsts: 1, Pkts: 164, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.103.25.210, DL: 2, Dsts: 1, Pkts: 118, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.88.40.202, DL: 2, Dsts: 1, Pkts: 165, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.67.128.111, DL: 2, Dsts: 1, Pkts: 1470, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  65.122.119.10, DL: 2, Dsts: 1, Pkts: 1637, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.218.20.19, DL: 2, Dsts: 1, Pkts: 1474, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  61.18.111.62, DL: 2, Dsts: 1, Pkts: 167, Unique sigs: 1

    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  172.158.125.107, DL: 2, Dsts: 1, Pkts: 119, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.49.202.91, DL: 2, Dsts: 24, Pkts: 36276, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  199.232.230.61, DL: 2, Dsts: 1, Pkts: 120, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.211.163.97, DL: 2, Dsts: 1, Pkts: 121, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.214.25.70, DL: 2, Dsts: 1, Pkts: 122, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.185.167.232, DL: 2, Dsts: 1, Pkts: 1548, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  149.156.162.162, DL: 2, Dsts: 1, Pkts: 123, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.153.17.136, DL: 2, Dsts: 2, Pkts: 3105, Unique sigs: 2
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.167.51.110, DL: 2, Dsts: 1, Pkts: 124, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.189.18.33, DL: 2, Dsts: 24, Pkts: 37855, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 3389 (3 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 3389 (1 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3389, SYN, Sid: 100077
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 3389 (2 packets)
        Signature match: "MISC MS Terminal Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3389, SYN, Sid: 100077

SRC:  218.0.6.200, DL: 2, Dsts: 14, Pkts: 22477, Unique sigs: 14

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  203.136.78.157, DL: 2, Dsts: 1, Pkts: 125, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.228.91.98, DL: 2, Dsts: 1, Pkts: 126, Unique sigs: 1

    DST: 11.11.79.105
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.86.10.224, DL: 2, Dsts: 1, Pkts: 1615, Unique sigs: 1

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  211.200.8.200, DL: 2, Dsts: 24, Pkts: 41540, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 139 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.64
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 139 (2 packets)
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 139 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.74.187.61, DL: 2, Dsts: 1, Pkts: 1654, Unique sigs: 1

    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 3128 (1 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 1, DP: 3128, SYN, Sid: 2375

SRC:  220.169.225.120, DL: 2, Dsts: 1, Pkts: 1656, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  222.252.32.213, DL: 2, Dsts: 1, Pkts: 190, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.217.26.190, DL: 2, Dsts: 1, Pkts: 127, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.184.238.22, DL: 2, Dsts: 1, Pkts: 1659, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.21.207.148, DL: 2, Dsts: 1, Pkts: 128, Unique sigs: 1

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  195.194.178.154, DL: 2, Dsts: 1, Pkts: 191, Unique sigs: 2

    DST: 11.11.79.120
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.7.136.60, DL: 2, Dsts: 18, Pkts: 30267, Unique sigs: 18
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (1 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 1, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  63.18.123.98, DL: 2, Dsts: 1, Pkts: 192, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  221.232.144.26, DL: 2, Dsts: 2, Pkts: 387, Unique sigs: 2

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.13.12.241, DL: 2, Dsts: 1, Pkts: 1703, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  213.102.116.29, DL: 2, Dsts: 1, Pkts: 129, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  218.31.113.242, DL: 2, Dsts: 22, Pkts: 37934, Unique sigs: 22

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  68.89.167.87, DL: 2, Dsts: 1, Pkts: 1941, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  211.143.29.129, DL: 2, Dsts: 5, Pkts: 660, Unique sigs: 5

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.226.110.175, DL: 2, Dsts: 4, Pkts: 6999, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 3128 (2 packets)
        Signature match: "BACKDOOR DoomJuice file upload attempt" (tcp), Chain: FORWARD, Count: 2, DP: 3128, SYN, Sid: 2375
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 80 (2 packets)
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 80 (1 packets)

SRC:  202.105.237.238, DL: 2, Dsts: 1, Pkts: 1755, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  82.81.249.81, DL: 2, Dsts: 1, Pkts: 196, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  68.207.207.104, DL: 2, Dsts: 1, Pkts: 135, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.175.54, DL: 2, Dsts: 1, Pkts: 1955, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.15.105.109, DL: 2, Dsts: 1, Pkts: 198, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  69.1.28.141, DL: 2, Dsts: 2, Pkts: 273, Unique sigs: 2

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  4.157.38.51, DL: 2, Dsts: 1, Pkts: 138, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.111.51.139, DL: 2, Dsts: 2, Pkts: 279, Unique sigs: 2

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  172.216.143.184, DL: 2, Dsts: 1, Pkts: 141, Unique sigs: 1

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  211.237.125.81, DL: 2, Dsts: 1, Pkts: 1761, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  212.104.102.101, DL: 2, Dsts: 1, Pkts: 199, Unique sigs: 2

    DST: 11.11.79.73
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  24.6.97.6, DL: 2, Dsts: 1, Pkts: 200, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.159.62.131, DL: 2, Dsts: 2, Pkts: 285, Unique sigs: 2

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.249.126.194, DL: 2, Dsts: 2, Pkts: 289, Unique sigs: 2

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  209.47.200.225, DL: 2, Dsts: 1, Pkts: 1965, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.216.239.180, DL: 2, Dsts: 1, Pkts: 1767, Unique sigs: 1

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  218.75.196.34, DL: 2, Dsts: 1, Pkts: 202, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.198.203.151, DL: 2, Dsts: 1, Pkts: 1973, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.115.46.225, DL: 2, Dsts: 2, Pkts: 3952, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  200.87.128.114, DL: 2, Dsts: 1, Pkts: 1775, Unique sigs: 1

    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.145.33.88, DL: 2, Dsts: 1, Pkts: 146, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  193.126.173.200, DL: 2, Dsts: 1, Pkts: 147, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  61.68.2.151, DL: 2, Dsts: 1, Pkts: 148, Unique sigs: 1

    DST: 11.11.79.82
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  134.215.203.97, DL: 2, Dsts: 1, Pkts: 149, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  212.1.241.118, DL: 2, Dsts: 24, Pkts: 43475, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204

SRC:  63.159.64.101, DL: 2, Dsts: 2, Pkts: 2052, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (2 packets)
    DST: 11.11.79.100
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.13.28.104, DL: 2, Dsts: 1, Pkts: 207, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  61.90.79.73, DL: 2, Dsts: 1, Pkts: 208, Unique sigs: 2

    DST: 11.11.79.85
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
        Signature match: "ICMP PING Sun Solaris" (icmp), Chain: FORWARD, Count: 1, Sid: 381

SRC:  218.0.1.204, DL: 2, Dsts: 24, Pkts: 45051, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  202.71.143.195, DL: 2, Dsts: 1, Pkts: 150, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  220.172.91.251, DL: 2, Dsts: 1, Pkts: 1908, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  219.147.35.20, DL: 2, Dsts: 1, Pkts: 151, Unique sigs: 1

    DST: 11.11.79.87
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  81.120.43.12, DL: 2, Dsts: 1, Pkts: 2120, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  81.245.100.225, DL: 2, Dsts: 1, Pkts: 1920, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  80.52.27.87, DL: 2, Dsts: 1, Pkts: 152, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.183.169.120, DL: 2, Dsts: 1, Pkts: 210, Unique sigs: 1

    DST: 11.11.79.69
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.134.87.154, DL: 2, Dsts: 1, Pkts: 2136, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80-135 (4 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 2, Sid: 384

SRC:  63.27.198.226, DL: 2, Dsts: 1, Pkts: 1927, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  63.21.200.212, DL: 2, Dsts: 1, Pkts: 153, Unique sigs: 1

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  221.127.4.135, DL: 2, Dsts: 7, Pkts: 1099, Unique sigs: 7

    DST: 11.11.79.84
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.69
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  11.11.79.71, DL: 2, Dsts: 2, Pkts: 340, Unique sigs: 0, local IP!

    DST: 62.75.177.165
        Scanned ports: FORWARD br0 udp 1026 (1 packets)
    DST: 217.172.188.228
        Scanned ports: FORWARD br0 udp 3412-43215 (18 packets)

SRC:  62.126.79.89, DL: 2, Dsts: 1, Pkts: 181, Unique sigs: 1

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 udp 135-1026 (2 packets)
        Signature match: "MISC Windows popup spam attempt" (udp), Chain: FORWARD, Count: 1, DP: 1026, Sid: 100196

SRC:  221.137.217.236, DL: 2, Dsts: 1, Pkts: 1929, Unique sigs: 1

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  221.126.136.90, DL: 2, Dsts: 1, Pkts: 182, Unique sigs: 1

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  65.107.69.197, DL: 2, Dsts: 2, Pkts: 4292, Unique sigs: 2

    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 135 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  66.148.207.102, DL: 2, Dsts: 1, Pkts: 183, Unique sigs: 1

    DST: 11.11.79.83
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  66.108.170.13, DL: 2, Dsts: 1, Pkts: 184, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  69.66.70.158, DL: 2, Dsts: 1, Pkts: 185, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.20.8.111, DL: 2, Dsts: 1, Pkts: 2151, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 445 (3 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  65.132.36.10, DL: 2, Dsts: 2, Pkts: 373, Unique sigs: 2

    DST: 11.11.79.115
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  213.249.130.235, DL: 2, Dsts: 1, Pkts: 216, Unique sigs: 1

    DST: 11.11.79.110
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  134.215.193.203, DL: 2, Dsts: 1, Pkts: 188, Unique sigs: 1

    DST: 11.11.79.80
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  10.204.6.220, DL: 2, Dsts: 1, Pkts: 217, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  218.63.73.136, DL: 2, Dsts: 3, Pkts: 5814, Unique sigs: 3

    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 1433 (1 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 1, DP: 1433, SYN, Sid: 100205

SRC:  221.3.108.133, DL: 2, Dsts: 1, Pkts: 1942, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  84.247.54.63, DL: 2, Dsts: 1, Pkts: 189, Unique sigs: 1

    DST: 11.11.79.120
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  63.27.12.28, DL: 2, Dsts: 1, Pkts: 218, Unique sigs: 1

    DST: 11.11.79.125
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  220.166.185.183, DL: 2, Dsts: 1, Pkts: 219, Unique sigs: 1

    DST: 11.11.79.95
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  219.134.33.26, DL: 2, Dsts: 1, Pkts: 220, Unique sigs: 1

    DST: 11.11.79.105
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  24.194.40.220, DL: 2, Dsts: 1, Pkts: 2173, Unique sigs: 1

    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  212.48.163.141, DL: 2, Dsts: 2, Pkts: 4352, Unique sigs: 2

    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 80 (1 packets)
        Signature match: "ICMP PING" (icmp), Chain: FORWARD, Count: 1, Sid: 384

SRC:  203.109.142.75, DL: 2, Dsts: 1, Pkts: 190, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  203.196.165.47, DL: 2, Dsts: 24, Pkts: 47777, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (2 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 2, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  213.66.95.232, DL: 2, Dsts: 1, Pkts: 191, Unique sigs: 1

    DST: 11.11.79.72
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.217.80.65, DL: 2, Dsts: 1, Pkts: 2028, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  66.30.125.150, DL: 2, Dsts: 1, Pkts: 192, Unique sigs: 1

    DST: 11.11.79.90
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  201.8.132.160, DL: 2, Dsts: 1, Pkts: 2031, Unique sigs: 1
    Source OS fingerprint:
        Windows XP/2000

    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 1433 (3 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 3, DP: 1433, SYN, Sid: 100205

SRC:  172.196.201.54, DL: 2, Dsts: 1, Pkts: 193, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  202.62.85.66, DL: 2, Dsts: 24, Pkts: 49644, Unique sigs: 24

    DST: 11.11.79.69
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.73
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.84
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.95
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.89
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.87
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.81
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.105
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.70
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.90
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.71
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.82
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.110
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.100
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.115
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.64
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.80
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.83
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.72
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.85
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.75
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.120
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204
    DST: 11.11.79.67
        Scanned ports: FORWARD br0 tcp 4899 (3 packets)
        Signature match: "MISC Radmin Default install options attempt" (tcp), Chain: FORWARD, Count: 3, DP: 4899, SYN, Sid: 100204

SRC:  220.189.91.241, DL: 2, Dsts: 1, Pkts: 2105, Unique sigs: 1

    DST: 11.11.79.125
        Scanned ports: FORWARD br0 tcp 1433 (2 packets)
        Signature match: "MISC Microsoft SQL Server communication attempt" (tcp), Chain: FORWARD, Count: 2, DP: 1433, SYN, Sid: 100205

SRC:  151.25.187.179, DL: 2, Dsts: 1, Pkts: 194, Unique sigs: 1

    DST: 11.11.79.70
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208

SRC:  200.231.68.216, DL: 2, Dsts: 1, Pkts: 195, Unique sigs: 1

    DST: 11.11.79.67
        Scanned ports: FORWARD br0 udp 1434 (1 packets)
        Signature match: "PSAD-CUSTOM Slammer communication attempt" (udp), Chain: FORWARD, Count: 1, DP: 1434, Sid: 100208