Hosting Provided By

Re: Did IDSes detect the SQL worm?

From: Scott C. Kennedy <sck(at)infosyscorp.com>
Date: Wed Jan 29 2003 - 12:52:22 EST

The NFRs we use detected a SQL 2000 buffer overflow attempt, which it itself is not abnormal, since we get 2-3 of these a day, but when we got 2,000 in a few mins, I knew something was up.

Scott

Todd Heberlein wrote:

> Much has been made about the fact that the vulnerability exploited by

-- 
 Scott C. Kennedy
 Lead Security Architect/ Director of Security
 Infosys Corporation
 Work: (877) 772-2347
 PGP: 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE27C1102

Received on Thu Jan 30 15:01:28 2003

This message: [ Message body ]
Next message: Brian Laing: "RE: Active response... some thoughts."
Previous message: Matt Bing: "Re: Did IDSes detect the SQL worm?"
In reply to: Todd Heberlein: "Did IDSes detect the SQL worm?"
In reply to Stan Burditzman: "RE: Did IDSes detect the SQL worm?"
Next in thread: Kurt Seifried: "Re: Did IDSes detect the SQL worm?"
Reply: Kurt Seifried: "Re: Did IDSes detect the SQL worm?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:08 EDT