Snort mailing list archives
Re: Vulnerability DNS BIND9 attack DoS
From: "Vuong D. Chieu" <vdchieu () vncert vn>
Date: Wed, 5 Aug 2015 13:56:04 +0700 (ICT)
Dear sir. Now. on internet public vulnerability DNS BIND9 https://www.exploit-db.com/exploits/37721/ you can write rule detect attack DoS on OS DNS using BIND9 i had writent rule but it do not run. alert udp any any -> any any (sid:1000010; gid:1; content:"|07 76 65 72 73 69 6F 6E 04 62 69 6E 64 00|"; msg:"DoS DNS BIND9"; classtype:successful-dos; rev:3; ) you can see me some analys about attack DoS. I can write it. thanks ---------------------------------------- Vuong Dinh Chieu (Mr.) Vietnam Computer Emergency Response Team (VNCERT) Ministry of Information and Communications (MIC) Add: 18 Nguyen Du, Hanoi Website: http://www.vncert.gov.vn Tel: +84-4-3640-4424 Mobile: +84-97 993 1293 ----- Original Message ----- From: "Vuong D. Chieu" <vdchieu () vncert vn> To: snort-sigs () lists sourceforge net Sent: Wednesday, August 5, 2015 1:52:29 PM Subject: Vulnerability DNS BIND9 attack DoS Dear sir. Now. on internet public vulnerability DNS BIND9 https://www.exploit-db.com/exploits/37721/ you can write rule detect attack DoS on OS DNS using BIND9 thanks ---------------------------------------- Vuong Dinh Chieu (Mr.) Vietnam Computer Emergency Response Team (VNCERT) Ministry of Information and Communications (MIC) Add: 18 Nguyen Du, Hanoi Website: http://www.vncert.gov.vn Tel: +84-4-3640-4424 Mobile: +84-97 993 1293 ------------------------------------------------------------------------------ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Vulnerability DNS BIND9 attack DoS Vuong D. Chieu (Aug 05)
- Re: Vulnerability DNS BIND9 attack DoS Vuong D. Chieu (Aug 05)