Snort mailing list archives
http://www.kb.cert.org/vuls/id/569272 sigs?
From: Jon Hart <jhart () ccs neu edu>
Date: Thu, 13 Dec 2001 14:49:42 -0500
Good afternoon, I'm sure most of you have heard of this by now, so I was curious if anyone has started working on a possible sig for this bad-boy. CERT claims that there is an exploit in the wild, and I've heard from two reliable sources that machines are being actively targeted as I write this. In fact, I know of at least one large group of Solaris machines that have been comprimised already, so things are a shakin'. Thoughts? -jon _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- http://www.kb.cert.org/vuls/id/569272 sigs? Jon Hart (Dec 13)
- Re: http://www.kb.cert.org/vuls/id/569272 sigs? Greg Herlein (Dec 14)