[Snort-sigs] Rule #2000900

Ole-Martin olebakk at ...2420...
Thu Jul 29 06:26:06 EDT 2004


Hi!

I just wanted to say I've found good use of the 2000900 rule in
bleeding (BLEEDING-EDGE Malware JoltID Agent Probing or Announcing
UDP).

I think it might be included with KaZaA now and that makes it easy to
find machines that violates company policy.

Why isn't 20009xx rules in bleeding-sid-msg.map ?


--
Ole-Martin




More information about the Snort-sigs mailing list