[Snort-sigs] references for sid:220 (BACKDOOR HideSource backdoor attempt)
cgibbons at ...1299...
Mon Apr 7 10:03:05 EDT 2003
Hi! I got a few hits on this rule:
alert tcp $EXTERNAL_NET any -> $TELNET_SERVERS 23 (msg:"BACKDOOR
HideSource backdoor attempt";flags: A+; content:"wank"; sid:220;
I had to google to find more information. Perhaps one of you official
rule-updaters would be willing to add a reference or two to this rule?
-- Carl Gibbons GCIA, Network Security Engineer, University of Denver
More information about the Snort-sigs