[Snort-sigs] Unknown IIS Issue
matt at ...2436...
Sat Jul 17 18:11:02 EDT 2004
ISC is tracking a potential new IIS ssl exploit. Put up a real quick
rule to see if it's going around:
alert tcp $EXTERNAL_NET any -> $HOME_NET 443 (msg:"BLEEDING-EDGE
THCOWNZIIS IIS SSL Exploit Attempt";
7-17; content:"THCOWNZIIS!"; sid:2000559; rev:1;)
It's in the Bleeding Rules now, www.bleedingsnort.com. If anyone knows
more about it let us know please.
More information about the Snort-sigs