[Snort-sigs] Rule for the newest DCOM vulnerability?

Eric Hines loki at ...1349...
Thu Sep 11 10:26:58 EDT 2003


You would be making the assumption that any upcoming worms or exploits
will be using the same exploit that eEye's Retina uses or at least
making the bet that they've based it on Retina which isn't the safest
bet to make.

Regards,

Eric Hines
CEO, Chairman
Applied Watch Technologies, Inc.
"Browserless Snort Management is Here"

===============================================

Eric Hines
CEO, Chairman
Applied Watch Technologies, Inc.
eric.hines at ...1663...
-----------------------------------------------
Corporate Headquarters
1650 Carlemont Dr. 
Suite D 
Crystal Lake, IL. 60014 
-----------------------------------------------
Direct Toll Free: (877) 262-7593 (x327)
Fax: (815) 425-2173 
-----------------------------------------------
Main Switchboard: (877) 262-7593 (9am-5pm CST)
Commercial Sales: (877) 262-7593 (opt1)
Government Sales: (877) 262-7593 (opt2)

===============================================


-----Original Message-----
From: Compton, Rich [mailto:RCompton at ...1352...] 
Sent: Wednesday, September 10, 2003 10:03 PM
To: snort-sigs at lists.sourceforge.net
Subject: [Snort-sigs] Rule for the newest DCOM vulnerability?


Anyone have a new rule for the newest Microsoft DCOM vulnerability
(http://www.microsoft.com/technet/treeview/?url=/technet/security/bullet
in/M
S03-039.asp) that eEye just discovered
(http://www.eeye.com/html/Research/Advisories/AD20030910.html)?

Someone on another list suggested running eEye's Retina scanner checking
for that vulnerability and sniffing for the traffic.  Anybody know if
that would work?

-Rich Compton


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf _______________________________________________
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs






More information about the Snort-sigs mailing list