Snort mailing list archives
Sig for Windows messenger service direct access?
From: Gary Flynn <flynngn () jmu edu>
Date: Mon, 01 Dec 2003 10:53:10 -0500
Anyone have a signature to detect Messenger access attempts to the high ports on which it listens? In other words, detecting the Messenger connections rather than the port map connections to 135. I'm not looking for exploit detections, just Messenger activity. thanks, -- Gary Flynn Security Engineer - Technical Services James Madison University ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Sig for Windows messenger service direct access? Gary Flynn (Dec 01)