[Snort-sigs] Arachnids References
berjo at ...66...
Tue Aug 21 09:20:19 EDT 2001
I promised a couple of weeks back that I would cross-check the Arachnids
references of the Snort rules. Here is a list of the rules that I found
that didn't quite match.
Rules file Sig Name Cur Ref New Ref Match Method
dns.rules DNS named iquery attempt 134 277 Content & Sig Name
exploit.rules EXPLOIT imap x86 linux overflow 130 147 Signature name -
Various sigs in exploit.rules, diff content
finger.rules FINGER bomb attempt 382 381 Content & Sig Name
icmp-info.rules ICMP PING Pinger Windows 163 165 Content & Sig Name
smtp.rules SMTP expn root 21 31 Content & Sig Name
telnet.rules TELNET ld_library_path 367 368 Content & Sig Name
web-iis.rules WEB-IIS jet vba access 286 - No match in ARACHNIDS
Wrapping may break some of the lines in undesirable places. Let me know it
you would rather I send this as a text file attachment. Also let me know if
you disagree on some of the references.
John Berkers ICQ: 112912
Network Operations Infrastructure Support - Hansen Corporation
john.berkers at ...78... berjo at ...66...
More information about the Snort-sigs