[Snort-sigs] [Emerging-Sigs] How can i prevent from the MS09-004 and MS08-040 HIRisk ?

Joel Esler jesler at ...435...
Sun Feb 5 09:33:41 EST 2012


Well, these are VRT rules. 

Nessus for the most part simply checks for patch level using local credentials on the system. 

-- 
Joel Esler

On Feb 5, 2012, at 3:56 AM, "M.Turner Turner" <msbzag at ...2420...> wrote:

> 
> Hi
> i use nessuss and report MS09-004 and MS08-040 HIRisk in SQL server.
> and i enable and drop action for rules 15127 through 15144 and  13896, 16073 and (so_rules)GID:3 SID:13888-13892 .
> 
> but rules don't trig and don't alert .
> and i can't prevention of these HiRisk.
> 
> How can i prevention from these and what rules i use?
> 
> thanks
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at ...3335...
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> 
> Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
> The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6362 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20120205/31135062/attachment.bin>


More information about the Snort-sigs mailing list