Snort mailing list archives
Re: DROWN Rule
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 14 Mar 2016 21:37:03 +0000
Yes, that is the correct rule, and yes, it’s still only available to subscribers. -- Joel Esler Manager, Talos Group On Mar 14, 2016, at 3:54 PM, Scott Ellis <scorellis () gmail com<mailto:scorellis () gmail com>> wrote: I read on the Internet somewhere that rule 1-38060 - POLICY-OTHER SSLv2 Client Hello attempt would detect an attempt to infiltrate via a DROWN styled assault. Can anyone confirm this, and also help me figure out where to get it? the following link: https://snort.org/rule_docs/1-38060 is rather short on details. Perhaps this is one of those things for which we need to purchase a subscription? Than you Scott ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- DROWN Rule Scott Ellis (Mar 14)
- Re: DROWN Rule Joel Esler (jesler) (Mar 14)