Snort mailing list archives
Re: Rule 17494
From: Jeff Kell <jeff-kell () utc edu>
Date: Fri, 01 Oct 2010 15:25:58 -0400
On 10/1/2010 3:08 PM, Jefferson, Shawn wrote:
Anyone else notice this rule, 17494 triggering a lot today? Or is it just me... it's an old vulnerability from 2006.
If I had to guess, I'd say somebody was covering a bald spot that was pointed out by someone's IDS test suite :-) As to the practical value of it today, that's much akin to Slammer detection. Jeff
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rule 17494 Jefferson, Shawn (Oct 01)
- Re: Rule 17494 Tomas Heredia (Oct 01)
- Re: Rule 17494 Joel Esler (Oct 01)
- Re: Rule 17494 Jeff Kell (Oct 01)
- Re: Rule 17494 waldo kitty (Oct 01)
- Re: Rule 17494 Jefferson, Shawn (Oct 01)
- Re: Rule 17494 JJC (Oct 01)
- Re: Rule 17494 waldo kitty (Oct 01)
- Re: Rule 17494 JJC (Oct 01)
- Re: Rule 17494 Tomas Heredia (Oct 01)
- Re: Rule 17494 infosec posts (Oct 01)
- Re: Rule 17494 Joel Esler (Oct 01)