Snort Discussions

[Jim Forster <jforster () rapidnet com>]

Well, after returning from vacation, I was met with a little surprise I'm sure many of you saw....
Someone did a little code injection on the Snort (Snitz) forums, and changed the 'title' field to 'Hacked bye 
AloneDrinkWine' in a rather large font.  :)
I've pulled the site down for updates, and low and behold, I was running a very old version, to which there are 40+ 
fixes listed. <doh!>
Just to see, I tossed "hacked" and "Snitz" into a google search - Results.. about 1,630.  Checked the first 20 or so, 
and they're the exact same exploit.
The update should be done this afternoon, and if anyone has a copy of this Snitz web-injection code, I'd appreciate 
seeing it so we can get an exact rule written.
....Teach me to ignore updates.

--------------------------------------------------------------------
Sleep: A completely inadequate substitute for caffeine.

Jim Forster, jforster () rapidnet com on 9/5/2002
Network Administrator
RapidNet, A Golden West Company




-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users