This Week Is Round: 381
NickName: Durran
Created at: 2017-03-02 08:45:15
Expiry at: 2017-04-02 00:00:00
Country: NZ
City/Town: Porirua
Phone Number Valid: NO
IDS Alerts: 1100
Total # Of Rounds Allowed: 5
Total # Of Rounds Played: 2
Rounds Played: #272 #273
Minutes Online: 1063 (17 hours)
Total Traffic Transfered: 507266841 bytes
Points: 2 of a maximum of 29
Points per Minute: 0.0019
Points per Hour: 0.1129

The following graph shows the game as it was when the user was playing
If hosts have been added or removed since the player expired these will not be shown

%3 cluster_a cluster_0 DMZ cluster_1 Desktop cluster_2 SCADA cluster_3 Key DMZ_Lime_Debian DMZ_Lime_Debian DMZ_ns1 DMZ_ns1 DMZ_www1_Debian DMZ_www1_Debian DMZ_VideoConf_TB DMZ_VideoConf_TB DMZ_Shop DMZ_Shop DMZ_Corpweb_Debian DMZ_Corpweb_Debian DMZ_Apache_FTP_Debian DMZ_Apache_FTP_Debian DMZ_RAS DMZ_RAS DMZ_Mail_Debian DMZ_Mail_Debian DMZ_Apache_Debian DMZ_Apache_Debian DMZ_GGW DMZ_GGW DMZ_Apache_Win2k3 DMZ_Apache_Win2k3 Desktop_HRDesktop_araju_WinXPSP2 Desktop_HRDesktop_araju_WinXPSP2 Desktop_UbuntuAdmin_Ubuntu Desktop_UbuntuAdmin_Ubuntu Desktop_MYSQL1_Debian Desktop_MYSQL1_Debian Desktop_Cacti_Debian Desktop_Cacti_Debian Desktop_FileServer_2k3 Desktop_FileServer_2k3 Desktop_ITDesktop_rforbes_WinXPSP2 Desktop_ITDesktop_rforbes_WinXPSP2 Desktop_MYSQL2_Debian Desktop_MYSQL2_Debian Desktop_AD_2k8 Desktop_AD_2k8 Desktop_Cisco1 Desktop_Cisco1 Desktop_Cisco2 Desktop_Cisco2 Desktop_Cisco3 Desktop_Cisco3 Desktop_Apache_Debian Desktop_Apache_Debian Desktop_Exchange_2k3sbs Desktop_Exchange_2k3sbs Desktop_Sharepoint Desktop_Sharepoint SCADA_Desktop_WINXP SCADA_Desktop_WINXP SCADACON_Win2k SCADACON_Win2k SCADACON_Reactor_Control SCADACON_Reactor_Control SCADA_IGSS_XP SCADA_IGSS_XP SCADA_Water SCADA_Water POINT 0wn3d NOPOINT Not0wn3d


The last 50 IDS alarms for Durran

DATE HOST Event
2017-03-23 14:03:02.675DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 3 times
2017-03-23 12:50:28.491DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-23 12:50:15.053DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-23 11:47:30.918DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 15 times
2017-03-23 08:45:23.606DurranSQL 1 = 1 - possible sql injection attempt
- Durran Previous message repeated 1 times
2017-03-23 08:44:40.078DurranSQL url ending in comment characters - possible sql injection attempt
- Durran Previous message repeated 9 times
2017-03-23 08:44:37.355DurranSQL 1 = 1 - possible sql injection attempt
2017-03-23 07:52:52.186DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 4 times
2017-03-23 07:48:32.568DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-23 07:48:27.233DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-23 07:39:34.247DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 6 times
2017-03-23 07:33:35.661DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-23 07:33:29.069DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-19 17:50:34.629DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-19 17:50:22.015DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-19 15:18:14.328DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 7 times
2017-03-19 15:12:37.177DurranSERVER-APACHE Apache Struts remote code execution attempt - GET parameter
- Durran Previous message repeated 1 times
2017-03-19 10:15:21.05DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-19 10:15:15.537DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-19 10:13:22.107DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-19 10:13:16.274DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-19 08:33:17.707DurranPOLICY-OTHER Adobe ColdFusion admin API access attempt
- Durran Previous message repeated 4 times
2017-03-19 08:31:12.103DurranMALWARE-OTHER Horde javascript.php href backdoor
- Durran Previous message repeated 4 times
2017-03-19 08:30:04.305DurranSERVER-WEBAPP WebTester install2.php arbitrary command execution attempt
2017-03-19 08:29:55.436DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-19 08:29:52.242DurranSERVER-WEBAPP WebTester install2.php arbitrary command execution attempt
2017-03-19 08:29:50.234DurranSERVER-WEBAPP JBoss JMX console access attempt
2017-03-19 08:29:36.115DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-19 08:29:36.115DurranMALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection
2017-03-19 08:29:35.559DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-19 08:29:35.559DurranMALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection
2017-03-19 08:29:35.37DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-19 08:29:35.37DurranMALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection
2017-03-19 08:29:34.875DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-19 08:29:34.875DurranMALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection
- Durran Previous message repeated 1 times
2017-03-19 08:29:32.879DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-19 08:28:55.262DurranOS-OTHER Bash environment variable injection attempt
- Durran Previous message repeated 1 times
2017-03-19 08:28:01.108DurranSERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt
- Durran Previous message repeated 3 times
2017-03-18 14:37:26.922DurranOS-OTHER Bash environment variable injection attempt
2017-03-18 14:29:31.821DurranMALWARE-CNC Win.Trojan.Dexter variant outbound connection
2017-03-18 14:29:31.821DurranMALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection
2017-03-18 14:29:24.029DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 13:25:55.991DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 377 times
2017-03-18 08:04:31.805DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:04:31.805DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 4 times
2017-03-18 08:04:31.747DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:04:31.742DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 183 times
2017-03-18 08:04:29.384DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:04:29.358DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 64 times
2017-03-18 08:04:28.087DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:04:28.03DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 85 times
2017-03-18 08:03:25.793DurranSERVER-WEBAPP JBoss JMXInvokerServlet access attempt
- Durran Previous message repeated 1 times
2017-03-18 08:03:18.751DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 29 times
2017-03-18 08:03:12.323DurranSERVER-WEBAPP JBoss JMXInvokerServlet access attempt
- Durran Previous message repeated 1 times
2017-03-18 08:03:11.824DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 22 times
2017-03-18 08:03:08.212DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-18 08:03:08.185DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 1 times
2017-03-18 08:03:08.118DurranSERVER-WEBAPP JBoss web console access attempt
2017-03-18 08:03:08.06DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 75 times
2017-03-18 08:02:59.152DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:02:59.142DurranOS-OTHER Bash CGI environment variable injection attempt
- Durran Previous message repeated 12 times
2017-03-18 08:02:58.631DurranPOLICY-OTHER Adobe ColdFusion admin interface access attempt
2017-03-18 08:02:58.63DurranOS-OTHER Bash CGI environment variable injection attempt