
Kernel 4.3.3
02/19/2016-17:44:45.722178  [**] [1:2008578:4] ET SCAN Sipvicious Scan [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.226:5060
02/19/2016-17:44:45.722178  [**] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.226:5060
02/19/2016-17:44:45.722178  [**] [1:2403313:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 14 [**] [Classification: Misc Attack] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.226:5060
02/19/2016-17:44:45.724698  [**] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.227:5060
02/19/2016-17:44:45.730510  [**] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.228:5060
02/19/2016-17:44:45.736430  [**] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.229:5060
02/19/2016-17:44:45.747831  [**] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 69.64.61.103:5092 -> 80.150.185.230:5060
02/19/2016-17:45:19.239275  [**] [1:2012648:3] ET POLICY Dropbox Client Broadcasting [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {UDP} 10.49.0.103:17500 -> 10.49.1.255:17500

Kernel 4.4.2
01/01/1970-01:00:00.000000  [**] [1:2002087:10] ET POLICY Inbound Frequent Emails - Possible Spambot Inbound [**] [Classification: Misc activity] [Priority: 3] {TCP} 62.149.158.146:40298 -> 10.49.1.242:25
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2012648:3] ET POLICY Dropbox Client Broadcasting [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {UDP} 10.49.0.103:17500 -> 10.49.1.255:17500
00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 80.150.185.230:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2402000:3988] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {UDP} 185.130.5.224:58368 -> 80.150.185.233:53413
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587
01/01/1970-01:00:00.000000  [**] [1:2403333:2499] ET CINS Active Threat Intelligence Poor Reputation IP group 34 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 146.185.250.105:51595 -> 10.49.1.242:587

