11/15-03:12:46.700988 [**] [1:299913:1] E2[rb] SHELLCODE x86 0x90 unicode NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 67.55.178.248:20269 -> 192.168.1.231:135
11/15-03:12:46.913060 [**] [1:52123:3] E5[rb] REGISTERED FREE ATTACK-RESPONSES Microsoft cmd.exe banner [**] [Classification: Successful Administrator Privilege Gain] [Priority: 1] {TCP} 192.168.1.231:1031 -> 67.55.178.248:707
11/15-03:12:48.148066 [**] [1:3001441:1] E3[rb] TFTP GET .exe from external source [**] [Classification: Successful Administrator Privilege Gain] [Priority: 1] {UDP} 192.168.1.231:1032 -> 67.55.178.248:69
11/15-03:12:48.148066 [**] [1:2008120:1] E3[rb] ET POLICY Outbound TFTP Read Request [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.168.1.231:1032 -> 67.55.178.248:69
11/15-03:12:48.148066 [**] [1:1444:3] E3[rb] TFTP GET from external source [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.168.1.231:1032 -> 67.55.178.248:69
11/15-03:13:28.354838 [**] [1:3001441:1] E3[rb] TFTP GET .exe from external source [**] [Classification: Successful Administrator Privilege Gain] [Priority: 1] {UDP} 192.168.1.231:1033 -> 67.55.178.248:69
11/15-03:13:28.354838 [**] [1:2008120:1] E3[rb] ET POLICY Outbound TFTP Read Request [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.168.1.231:1033 -> 67.55.178.248:69
11/15-03:13:28.354838 [**] [1:1444:3] E3[rb] TFTP GET from external source [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.168.1.231:1033 -> 67.55.178.248:69
11/15-03:14:46.034654 [**] [1:2000352:6] E6[rb] ET ATTACK RESPONSE IRC - dns request on non-std port [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 192.168.1.231:1035 -> 89.208.33.88:3305
11/15-03:14:46.229224 [**] [1:2000346:7] E4[rb] ET ATTACK RESPONSE IRC - Name response on non-std port [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 89.208.33.88:3305 -> 192.168.1.231:1035
11/15-03:14:46.229661 [**] [1:2000352:6] E6[rb] ET ATTACK RESPONSE IRC - dns request on non-std port [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 192.168.1.231:1035 -> 89.208.33.88:3305
11/15-03:14:46.233283 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137
11/15-03:14:47.740750 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137
11/15-03:14:49.208117 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137
11/15-03:14:50.733197 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137
11/15-03:14:52.244287 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137
11/15-03:14:53.732265 [**] [116:151:1] (snort decoder) Bad Traffic Same Src/Dst IP [**] [Priority: 3] {UDP} 192.168.1.231:137 -> 192.168.1.231:137