[Snort-sigs] Snort-sig-socks4-active

John Berkers berjo at ...66...
Tue Jan 22 03:29:02 EST 2002


The vision18.rules had a sig to detect the use of SOCKS4 proxy server
use.  It has helped me track down some unsecured servers in the past,
thought it might be helpful for someone else as well.  I have taken the
liberty of documenting the rule with the new template.

See attached file.

 

Regards,

John Berkers                                       ICQ: 112912
Network Services                            Hansen Corporation
john.berkers at ...78...               berjo at ...66...


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: snort-sid-socks-active.txt
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20020122/a6f812b1/attachment.txt>


More information about the Snort-sigs mailing list