Security Incidents mailing list archives

Re: TCP:80, TCP:1433 squelda 1.0 probe

From: Joe Stewart <jstewart () lurhq com>
Date: Mon, 2 Dec 2002 08:53:24 -0500

On Friday 29 November 2002 12:35 am, John Sage wrote:

Seen this exact tool once before, back in August, reference:

http://cert.uni-stuttgart.de/archive/intrusions/2002/08/msg00200.html


The brute-force MSSQL attacks in this probe with the "squelda" reference
were generated by sqldict: http://ntsecurity.nu/toolbox/sqldict/

-Joe

-- 
   Joe Stewart  <jstewart () lurhq com>
  Senior Information Security Analyst 
-----------------------------------------
 "24x7 Enterprise Security Monitoring"
LURHQ Corporation  http://www.lurhq.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Re: TCP:80, TCP:1433 squelda 1.0 probe Joe Stewart (Dec 02)
- Re: TCP:80, TCP:1433 squelda 1.0 probe John Sage (Dec 03)