[Snort-sigs] Snort Community Rules Update
alex.kirk at ...435...
Thu Oct 13 09:45:30 EDT 2005
This message is to announce the availability of an update for the
Sourcefire community rule set, which can be downloaded free of cost or
registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000165-100000168.
They cover a buffer overflow attack against the Sentinel License Manager
and a denial of service attack against Oracle databases, and provide
detection for two vectors of the Hydra password-cracking tool.
Sourcefire would like to thank rmkml for submitting these rules. As a
reminder, anyone who wishes to submit rules may do so at
A list of new rules and their SIDs follows.
Community Rules Maintainer
100000165 || COMMUNITY EXPLOIT Sentinel LM exploit
100000166 || COMMUNITY ORACLE TNS Listener shutdown via iSQLPlus attempt
100000167 || COMMUNITY SMTP Hydra Activity Detected
100000168 || COMMUNITY WEB-ATTACKS Hydra Activity Detected
More information about the Snort-sigs