Snort mailing list archives
Re: Wordpress-attack
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 22 Feb 2016 14:55:54 +0000
It would help us immensely if you were able to provide an example of what the attack looked like? A packet capture? -- Joel Esler Manager, Talos Group On Feb 20, 2016, at 10:42 AM, ARUN LAL <arunlal7701 () gmail com<mailto:arunlal7701 () gmail com>> wrote: Hi All, Currently we have seen some Word press and PHP injection to our domain via snorby(Snort) Our server currenlt have snort and ossec. Could you please suggest some snort rule that blocks IP automatically when this type of event happens. Thanks in Advance :) Regards Arunlal ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Wordpress-attack ARUN LAL (Feb 20)
- Re: Wordpress-attack Joel Esler (jesler) (Feb 22)