[Snort-sigs] Any new signatures for the other Variants of the Blaster Worm?
jstewart at ...5...
Wed Aug 13 13:34:33 EDT 2003
On Wednesday 13 August 2003 02:15 pm, Marty.Bostick at ...495... wrote:
> Does anyone have a signature for the new W32.Blaster.B.Worm and
> W32.Randex.E variants that are out?
> Will my existing rules work?
They all use the HD Moore exploit, as does Blaster.a, so if you have a
signature that picks up Blaster.a reliably, you should have no problem.
Joe Stewart, GCIH
Senior Security Researcher
More information about the Snort-sigs