Snort mailing list archives
Re: how to detect CC attack
From: Jamie Riden <jamie.riden () gmail com>
Date: Wed, 2 May 2012 07:37:02 +0100
2012/5/2 闫振宇 <yanzhenyu () 55tuan com>
** hello everyone, I want to detect CC attack with snort. Has anyone got any idea ?
What is a "CC attack" ? If you mean credit card numbers, I've found the rule that matches 16 digits in a row tends to give false positives. It usually gets disabled, like the SSN# one. If you mean, stealing credit card numbers, you'd need to look at which server they live on, and likely paths for an attacker to export them out of your organisation if they did manage to compromise the box. cheers, Jamie -- Jamie Riden / jamie () honeynet org / jamie.riden () gmail com http://uk.linkedin.com/in/jamieriden
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- how to detect CC attack 闫振宇 (May 01)
- Re: how to detect CC attack Jamie Riden (May 01)
- Re: how to detect CC attack 闫振宇 (May 02)
- Re: how to detect CC attack Jamie Riden (May 02)