Now it begins
Apr. 18th, 2011 10:15 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
theholmIt is fist IPV6 exploit attempt I ever seen.
[**] [3:13287:4] BAD-TRAFFIC Windows remote kernel tcp/ip igmp vulnerability exploit attempt [**]
[Classification: Attempted Administrator Privilege Gain] [Priority: 1]
04/17-03:07:10.620625 2002:55d3:a8ad:0000:0000:0000:55d3:a8ad:46070 -> 2001:44b8:77ab:bb30:0204:23ff:fe0d:075b:36303
TCP TTL:119 TOS:0x0 ID:0 IpLen:40 DgmLen:1280
***A**** Seq: 0x3A1AC89E Ack: 0x391F703A Win: 0x3D TcpLen: 32
TCP Options (3) => NOP NOP TS: 25121285 1612112903
+[Xref => http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-0069]
[**] [3:13287:4] BAD-TRAFFIC Windows remote kernel tcp/ip igmp vulnerability exploit attempt [**]
[Classification: Attempted Administrator Privilege Gain] [Priority: 1]
04/17-03:07:10.620625 2002:55d3:a8ad:0000:0000:0000:55d3:a8ad:46070 -> 2001:44b8:77ab:bb30:0204:23ff:fe0d:075b:36303
TCP TTL:119 TOS:0x0 ID:0 IpLen:40 DgmLen:1280
***A**** Seq: 0x3A1AC89E Ack: 0x391F703A Win: 0x3D TcpLen: 32
TCP Options (3) => NOP NOP TS: 25121285 1612112903
+[Xref => http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx][Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-0069]
