Snort mailing list archives

Previous By Date Next
Previous By Thread Next

SSLv2 alerts

From: "Chong Lee Poh" <Chong.LeePoh () allianz com my>
Date: Thu, 3 Jun 2010 13:34:44 +0800
Hi there, 

Previously, I get high no. of alerts of "WEB-MISC SSLv2 openssl get
shared ciphers overflow attempt {tcp}". It is a false alarm to me
because I am not running SSLv2. 

Recently, after I updated the rules dated 2010-04-15, my no. of snort
logs detected has reduced tremendously. I noticed that the recent rule
no longer detects "WEB-MISC SSLv2 openssl get shared ciphers overflow
attempt {tcp}". 

May I know why? 

Thanks. 
/Chong


This e-mail and any attachments therewith are intended only for the use of the address. This e-mail may contain 
confidential and privileged information. Any unauthorized use, copying or  disclosure of information contained in this 
e-mail or its attachments is strictly prohibited and may be unlawful. If you have received this e-mail in error, please 
contact the sender via return e-mail and delete this e-mail and attachments thereafter. Any confidentiality or 
privilege is not waived or lost because this e-mail has been sent to you by mistake. Any liability for viruses is 
excluded to the fullest extent permitted by law.


------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate 
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the 
lucky parental unit.  See the prize list and enter to win: 
http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Previous By Date Next
Previous By Thread Next

Current thread: