Originally posted here by zepherin
I'll copy a intrusion entry and show you what the numbers mean I'll use // for comments.
Activity: (HTTP_Shells) //this is the type of exploit they are useing
Source IP: (63.108.181.201) //this is the Ip address of the attacker Source Port: (4572) //this is the port that the trafic is comming from
Destination IP: (192.172.226.77)//this is the IP that is trying to be exploited on the antionline network Destination Port: (80) //this is the port which they are trying to exploit
Date & Time Code: (20020705104124) //this is date and time
that was a good point and a good explanation zepherin, but i think the person asking the question will have trouble recognizing the word exploit, source port, port in general, destination ports etc. I believe he/she was wanting something like this:

there http_shells are what they are going to use to try and get in.

destination IP is the identification number for the website they are trying to hack. port 80 is a port, a port is basically (basically) the type of indentification. port 80 is the HTTP port, that is the place in which the intruder attempts to enter.
everything else was explained well by zepherin, mind you zepherin did a hell of a job explaining, but for a person having trouble learning IPs i think it was a bit advanced.