[Snort-sigs] Snort Community Rules Update

Sourcefire VRT research at ...435...
Tue Feb 14 08:16:19 EST 2006


This message is to announce the availability of an update for the 
Sourcefire community rule set, which can be downloaded free of cost or 
registration from http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000229-100000236. 
These rules detect a denial of service attack against Lotus Domino 
Server 7.0, as well as GoogleTalk traffic, which may be a policy 
violation in your network environment.

Sourcefire would like to thank Steven Alexander for submitting the 
GoogleTalk rules, and Nigel Houghton for submitting the Lotus rule. As a 
reminder, anyone who wishes to submit rules may do so at 
http://www.snort.org/reg-bin/rulesubmit.cgi.

A list of new rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000229 || COMMUNITY Lotus Domino LDAP attack
100000230 || COMMUNITY MISC Jabber/Google Talk Outgoing Traffic
100000231 || COMMUNITY MISC Jabber/Google Talk Outgoing Auth
100000232 || COMMUNITY MISC Google Talk Logon
100000233 || COMMUNITY MISC Jabber/Google Talk Outoing Message
100000234 || COMMUNITY MISC Jabber/Google Talk Log Out
100000235 || COMMUNITY MISC Jabber/Google Talk Logon Success
100000236 || COMMUNITY MISC Jabber/Google Talk Incoming Message




More information about the Snort-sigs mailing list