[Snort-sigs] Netsky.c + others? attachment sid
cybergolfing at ...144...
Tue Mar 2 10:44:07 EST 2004
> I set the port to any instead of 25 because the
> virus sends also over
> other ports.
src port could be "any" but dest port should still be
A method for detecting infected hosts could be:
alert tcp !$TRUSTED_SMTP_SERVERS any >
Do you Yahoo!?
Yahoo! Search - Find what youre looking for faster
More information about the Snort-sigs