misc/fast.log.1
10/06/2016-07:14:39.186933 [**] [1:2500034:4093] ET COMPROMISED Known Compromised or Hostile Host Traffic group 18 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 183.129.160.229:16192 -> 192.168.0.5:80
10/06/2016-09:44:22.405503 [**] [1:2013224:12] ET POLICY Suspicious User-Agent Containing .exe [**] [Classification: A Network Trojan was Detected] [Priority: 1] {TCP} 192.168.0.21:61214 -> 213.185.164.216:80
10/06/2016-09:59:15.555306 [**] [1:2019401:14] ET POLICY Vulnerable Java Version 1.8.x Detected [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.0.27:49286 -> 23.37.43.27:80
10/06/2016-09:59:15.647027 [**] [1:2019401:14] ET POLICY Vulnerable Java Version 1.8.x Detected [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.0.27:49288 -> 23.37.43.27:80
10/06/2016-10:00:47.457385 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.13:59845 -> 172.217.21.98:443
10/06/2016-10:00:47.458093 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 172.217.21.98:443 -> 192.168.0.13:59845
10/06/2016-10:00:47.518407 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.13:59847 -> 185.33.220.5:443
10/06/2016-10:00:47.518947 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 185.33.220.5:443 -> 192.168.0.13:59847
10/06/2016-10:01:22.040337 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49760 -> 195.182.26.70:443
10/06/2016-10:01:22.092234 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49760
10/06/2016-10:01:22.984315 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49762 -> 195.182.26.70:443
10/06/2016-10:01:23.032643 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49762
10/06/2016-10:01:23.500111 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49764 -> 195.182.26.70:443
10/06/2016-10:01:23.547588 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49764
10/06/2016-10:01:23.777248 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49766 -> 195.182.26.70:443
10/06/2016-10:01:23.826879 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49766
10/06/2016-10:01:25.072561 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49768 -> 195.182.26.70:443
10/06/2016-10:01:25.122716 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49768
10/06/2016-10:01:39.295768 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49774 -> 195.182.26.70:443
10/06/2016-10:01:39.343762 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49774
10/06/2016-10:01:43.694306 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49776 -> 195.182.26.70:443
10/06/2016-10:01:43.743578 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49776
10/06/2016-10:01:46.065983 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:49779 -> 195.182.26.70:443
10/06/2016-10:01:46.115559 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:49779
10/06/2016-10:44:22.352988 [**] [1:2013224:12] ET POLICY Suspicious User-Agent Containing .exe [**] [Classification: A Network Trojan was Detected] [Priority: 1] {TCP} 192.168.0.21:62401 -> 213.185.164.216:80
10/06/2016-11:24:34.439602 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50361 -> 195.182.26.70:443
10/06/2016-11:24:34.490234 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50361
10/06/2016-11:24:34.952874 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50363 -> 195.182.26.70:443
10/06/2016-11:24:35.003259 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50363
10/06/2016-11:24:35.398791 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50365 -> 195.182.26.70:443
10/06/2016-11:24:35.688142 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50367 -> 195.182.26.70:443
10/06/2016-11:24:35.454109 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50365
10/06/2016-11:24:35.739529 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50367
10/06/2016-11:24:41.738544 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50369 -> 195.182.26.70:443
10/06/2016-11:24:41.787304 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50369
10/06/2016-11:24:44.080325 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50372 -> 195.182.26.70:443
10/06/2016-11:24:44.130042 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50372
10/06/2016-11:24:44.809038 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50374 -> 195.182.26.70:443
10/06/2016-11:24:44.856946 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50374
10/06/2016-11:25:39.392733 [**] [1:2402000:4200] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.216.43:443 -> 192.168.0.5:443
10/06/2016-11:25:39.392733 [**] [1:2403302:2973] ET CINS Active Threat Intelligence Poor Reputation IP group 3 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.216.43:443 -> 192.168.0.5:443
10/06/2016-11:33:03.671111 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50682 -> 195.182.26.70:443
10/06/2016-11:33:03.719371 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50682
10/06/2016-11:33:04.211684 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50684 -> 195.182.26.70:443
10/06/2016-11:33:04.260356 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50684
10/06/2016-11:33:04.869569 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50686 -> 195.182.26.70:443
10/06/2016-11:33:04.919184 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50686
10/06/2016-11:33:05.779465 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50688 -> 195.182.26.70:443
10/06/2016-11:33:05.790281 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50688
10/06/2016-11:33:08.934400 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50690 -> 195.182.26.70:443
10/06/2016-11:33:08.981786 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50690
10/06/2016-11:38:43.580726 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50707 -> 195.182.26.70:443
10/06/2016-11:38:43.630861 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50707
10/06/2016-11:42:45.210344 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50744 -> 195.182.26.70:443
10/06/2016-11:42:45.260877 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50744
10/06/2016-11:42:45.503674 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50746 -> 195.182.26.70:443
10/06/2016-11:42:45.554973 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50746
10/06/2016-11:42:45.813082 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50748 -> 195.182.26.70:443
10/06/2016-11:42:45.862735 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50748
10/06/2016-11:42:46.106513 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50750 -> 195.182.26.70:443
10/06/2016-11:42:46.364219 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50752 -> 195.182.26.70:443
10/06/2016-11:42:46.411981 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50752
10/06/2016-11:42:46.155033 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50750
10/06/2016-11:42:53.320067 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50756 -> 195.182.26.70:443
10/06/2016-11:42:53.370898 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50756
10/06/2016-11:42:53.711102 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50758 -> 195.182.26.70:443
10/06/2016-11:42:53.721841 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50758
10/06/2016-11:42:54.872327 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50760 -> 195.182.26.70:443
10/06/2016-11:42:54.923655 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50760
10/06/2016-11:44:22.320503 [**] [1:2013224:12] ET POLICY Suspicious User-Agent Containing .exe [**] [Classification: A Network Trojan was Detected] [Priority: 1] {TCP} 192.168.0.21:63642 -> 213.185.164.216:80
10/06/2016-11:46:51.362738 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:50798 -> 195.182.26.70:443
10/06/2016-11:46:51.412815 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:50798
10/06/2016-11:54:23.928145 [**] [1:2013224:12] ET POLICY Suspicious User-Agent Containing .exe [**] [Classification: A Network Trojan was Detected] [Priority: 1] {TCP} 192.168.0.21:63864 -> 213.185.164.216:80
10/06/2016-11:54:44.314769 [**] [1:2015561:2] ET INFO PDF Using CCITTFax Filter [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 87.106.10.40:80 -> 192.168.0.13:62018
10/06/2016-11:55:37.777647 [**] [1:2013224:12] ET POLICY Suspicious User-Agent Containing .exe [**] [Classification: A Network Trojan was Detected] [Priority: 1] {TCP} 192.168.0.21:63876 -> 213.185.164.216:80
10/06/2016-12:42:18.524190 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50701 -> 195.182.26.70:443
10/06/2016-12:42:18.572171 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50701
10/06/2016-12:42:18.878037 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50703 -> 195.182.26.70:443
10/06/2016-12:42:18.926799 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50703
10/06/2016-12:42:19.574259 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50705 -> 195.182.26.70:443
10/06/2016-12:42:19.626434 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50705
10/06/2016-12:42:20.022120 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50707 -> 195.182.26.70:443
10/06/2016-12:42:20.072932 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50707
10/06/2016-12:42:20.339976 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50709 -> 195.182.26.70:443
10/06/2016-12:42:20.389370 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50709
10/06/2016-12:42:25.100167 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50712 -> 195.182.26.70:443
10/06/2016-12:42:25.151540 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50712
10/06/2016-12:42:27.593697 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:50715 -> 195.182.26.70:443
10/06/2016-12:42:27.641473 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:50715
10/06/2016-12:49:46.811236 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.17:58206 -> 136.243.54.218:443
10/06/2016-12:49:46.834430 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 136.243.54.218:443 -> 192.168.0.17:58206
10/06/2016-12:49:48.305316 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.17:58275 -> 37.252.172.70:443
10/06/2016-12:49:48.540260 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 37.252.172.70:443 -> 192.168.0.17:58275
10/06/2016-13:55:27.681946 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51297 -> 195.182.26.70:443
10/06/2016-13:55:27.733038 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51297
10/06/2016-13:55:28.007280 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51299 -> 195.182.26.70:443
10/06/2016-13:55:28.055659 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51299
10/06/2016-13:55:28.295711 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51301 -> 195.182.26.70:443
10/06/2016-13:55:28.342795 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51301
10/06/2016-13:55:28.579846 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51303 -> 195.182.26.70:443
10/06/2016-13:55:28.628843 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51303
10/06/2016-13:55:29.057794 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51305 -> 195.182.26.70:443
10/06/2016-13:55:29.067345 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51305
10/06/2016-13:55:30.919653 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51307 -> 195.182.26.70:443
10/06/2016-13:55:30.967892 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51307
10/06/2016-13:58:30.794280 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:51339 -> 195.182.26.70:443
10/06/2016-13:58:30.843475 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:51339
10/06/2016-14:14:25.524991 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:51087 -> 195.182.26.70:443
10/06/2016-14:14:25.574540 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:51087
10/06/2016-14:14:25.830298 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:51089 -> 195.182.26.70:443
10/06/2016-14:14:25.879511 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:51089
10/06/2016-14:14:26.072196 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:51091 -> 195.182.26.70:443
10/06/2016-14:14:26.123644 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:51091
10/06/2016-14:14:27.566537 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:51093 -> 195.182.26.70:443
10/06/2016-14:14:27.614581 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:51093
10/06/2016-14:26:04.796851 [**] [1:2018959:2] ET POLICY PE EXE or DLL Windows file download HTTP [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 173.194.62.246:80 -> 192.168.0.22:49267
10/06/2016-15:13:43.419337 [**] [1:2018959:2] ET POLICY PE EXE or DLL Windows file download HTTP [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 172.227.186.144:80 -> 192.168.0.12:49697
10/06/2016-15:25:42.722773 [**] [1:2018959:2] ET POLICY PE EXE or DLL Windows file download HTTP [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 104.84.190.186:80 -> 192.168.0.22:49449
10/06/2016-17:06:50.928856 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.13:63778 -> 136.243.39.93:443
10/06/2016-17:06:50.965275 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 136.243.39.93:443 -> 192.168.0.13:63778
10/06/2016-17:11:20.543656 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52373 -> 195.182.26.70:443
10/06/2016-17:11:20.594119 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52373
10/06/2016-17:11:23.117712 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52377 -> 195.182.26.70:443
10/06/2016-17:11:23.409590 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52379 -> 195.182.26.70:443
10/06/2016-17:11:23.165725 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52377
10/06/2016-17:11:23.456747 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52379
10/06/2016-17:11:23.706986 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52381 -> 195.182.26.70:443
10/06/2016-17:11:23.754938 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52381
10/06/2016-17:11:23.965564 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52383 -> 195.182.26.70:443
10/06/2016-17:11:24.013870 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52383
10/06/2016-17:11:26.529664 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52386 -> 195.182.26.70:443
10/06/2016-17:11:26.579047 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52386
10/06/2016-17:11:27.193283 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52388 -> 195.182.26.70:443
10/06/2016-17:11:27.205002 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52388
10/06/2016-17:11:29.563647 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52390 -> 195.182.26.70:443
10/06/2016-17:11:29.610961 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52390
10/06/2016-17:16:05.701318 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.20:52415 -> 195.182.26.70:443
10/06/2016-17:16:05.748978 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.20:52415
10/06/2016-18:27:22.260810 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:52404 -> 195.182.26.70:443
10/06/2016-18:27:22.309444 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:52404
10/06/2016-18:27:22.878087 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:52406 -> 195.182.26.70:443
10/06/2016-18:27:23.116603 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:52408 -> 195.182.26.70:443
10/06/2016-18:27:22.929708 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:52406
10/06/2016-18:27:23.166721 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:52408
10/06/2016-18:27:23.395819 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.23:52410 -> 195.182.26.70:443
10/06/2016-18:27:23.443786 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 195.182.26.70:443 -> 192.168.0.23:52410
10/06/2016-19:03:04.751445 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 192.168.0.13:49344 -> 216.58.214.130:443
10/06/2016-19:03:04.754773 [**] [1:2230003:1] SURICATA TLS invalid handshake message [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 216.58.214.130:443 -> 192.168.0.13:49344
10/06/2016-21:31:41.925044 [**] [1:2402000:4200] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 61.240.144.65:42206 -> 192.168.0.5:443
10/06/2016-21:31:41.925044 [**] [1:2403302:2973] ET CINS Active Threat Intelligence Poor Reputation IP group 3 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 61.240.144.65:42206 -> 192.168.0.5:443
10/07/2016-04:48:38.031059 [**] [1:2500034:4093] ET COMPROMISED Known Compromised or Hostile Host Traffic group 18 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 183.129.160.229:811 -> 192.168.0.5:80