[Snort-sigs] Snort Community Rules Update
research at ...435...
Thu Jun 29 10:28:11 EDT 2006
This message is to announce the availability of an update for the Sourcefire community rule set, which can be downloaded free of cost or registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000686-100000688. These rules cover a denial of service attack against the EnergyMech IRC Bot, as well as detection of AJAX Remote Desktop traffic, which may be a policy violation in your environment.
Sourcefire would like to thank the VeriSign MSS Operations Team for submitting SIDs 100000686-100000687. As a reminder, anyone who wishes to submit rules may do so at http://www.snort.org/reg-bin/rulesubmit.cgi.
A list of modified rules and their SIDs follows.
Community Rules Maintainer
100000686 || COMMUNITY DOS EnergyMech parse_notice vulnerability - inbound
100000687 || COMMUNITY DOS EnergyMech parse_notice vulnerability - outbound
100000688 || COMMUNITY POLICY Ajax Remote Desktop Connection
More information about the Snort-sigs