|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
[Snort-sigs] references for sid:220 (BACKDOOR HideSource backdoor attempt)
From: Carl Gibbons <cgibbons(at)du.edu>
Date: Mon Apr 07 2003 - 13:02:23 EDT
This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs Received on Mon Apr 7 13:32:06 2003
Date: Mon Apr 07 2003 - 13:02:23 EDT
Hi! I got a few hits on this rule:
alert tcp $EXTERNAL_NET any -> $TELNET_SERVERS 23 (msg:"BACKDOOR HideSource backdoor attempt";flags: A+; content:"wank"; sid:220; classtype:misc-activity; rev:4;)
I had to google to find more information. Perhaps one of you official rule-updaters would be willing to add a reference or two to this rule? I found:
http://www.iss.net/security_center/static/1840.php http://hq.mcafeeasap.com/vulnerabilities/vuln_data/4000.asp
- Carl Gibbons GCIA, Network Security Engineer, University of Denver
This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs Received on Mon Apr 7 13:32:06 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:08:26 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |