[Snort-sigs] a new whisker-like attack -- sigs?

Michael Scheidell scheidell at ...249...
Sun Mar 3 18:15:03 EST 2002


> Good evening,
> 
> After heavily scanning our entire network, a dialup account in the US
> decided to poke at our webserver.  As the alerts started pouring in, I
> immediately thought this was someone playing around with whisker.

looks like a nessus scan.
www.nessus.org
USUALLY nessus scans put teir name (sig) in the output so you know it.

-- 
Michael Scheidell
SECNAP Network Security, LLC
(561) 368-9561 scheidell at ...249...
http://www.secnap.net/





More information about the Snort-sigs mailing list