[Snort-sigs] Documentation for Rule 628 SCAN nmap TCP

Nigel Houghton nigel at ...435...
Mon Dec 1 11:46:11 EST 2003


Thank you for your contribution. I will add it to the store and you should
see it appear in the database after the next scheduled update.

Around 11:36am Joe Hdez said:

JH :Hi, how are you?,
JH :
JH :I just filled up the missing documentation for the rule 628 SCAN Nmap TCP but I also would like to suggest to change the name of the rule to "TCP Ping Nmap" because the rule refers only to the TCP Ack Probe made by Nmap and it could be confused with an Nmap ACK Scan rule,
JH :
JH :I would appreciate if you could give me some feedback to see if the rule is OK,
JH :
JH :Thanks,
JH :
JH :Regards,
JH :
JH :Jose

-------------------------------------------------------------
Nigel Houghton   Security Research Engineer   Sourcefire Inc.
                 Vulnerability Research Team

"Mankind hasn't even got the technology to create a toupee
that doesn't get big laughs." -- Lister




More information about the Snort-sigs mailing list