[Snort-sigs] a new whisker-like attack -- sigs?

Michael Scheidell scheidell at ...249...
Sun Mar 3 18:15:03 EST 2002

> Good evening,
> After heavily scanning our entire network, a dialup account in the US
> decided to poke at our webserver.  As the alerts started pouring in, I
> immediately thought this was someone playing around with whisker.

looks like a nessus scan.
USUALLY nessus scans put teir name (sig) in the output so you know it.

Michael Scheidell
SECNAP Network Security, LLC
(561) 368-9561 scheidell at ...249...

More information about the Snort-sigs mailing list