Snort mailing list archives
Re: ATTACK-RESPONSES id check returned root
From: Chris Romano <romano.chris () gmail com>
Date: Fri, 21 Oct 2005 13:48:11 -0400
On 10/21/05, Patrick Walsh <pwalsh () esoft com> wrote:
SUCKIT v 1.1c - New, singing, dancing, world-smashing rewtkit *.* (c)oded by sd () sf cz & devik () cdi cz, 2001 Configuring ./sk:.OK!.[attacker () badass cz ~/sk10]$ telnet lamehost.com<http://lamehost.com> 80.Trying 192.160.0.2.... Connected to lamehost.com..Escape characterLooks like someone viewed this phrack article: http://www.phrack.org/phrack/58/p58-0x07 which triggered the rule.
That seems to be it. I feel much better now. thanks everyone. Chris
Current thread:
- ATTACK-RESPONSES id check returned root Chris Romano (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Matt Kettler (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Matt Kettler (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Patrick Walsh (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Chris Romano (Oct 21)
- Re: ATTACK-RESPONSES id check returned root cc (Oct 21)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 24)
- RE: ATTACK-RESPONSES id check returned root Paul Schmehl (Oct 25)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 26)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 24)
- <Possible follow-ups>
- RE: ATTACK-RESPONSES id check returned root Willy, Andrew (Oct 21)