[Snort-sigs] new snort rule for detect last finger solaris 7-9 vulnerability !
rmkml at ...324...
Mon Aug 13 15:30:30 EDT 2007
please check and maybe add this new rule :
alert tcp $EXTERNAL_NET any -> $HOME_NET 79 (msg:"FINGER single digit list all accounts attempt"; flow:to_server,established; dsize:1; pcre:"/\d/"; reference:cve,2007-4310; classtype:attempted-recon; sid:92131; rev:1;)
Any suggestions and improvements are welcome,
contact at ...3281...
=> Crusoe Researches have created more than 2132 UNIQ 'snort' rules for Commercial Access
(Contact me directly if you are interested)
Azwalaro new nidps open source project
azwalaro at ...3281...
More information about the Snort-sigs