[Snort-sigs] Vulnerability DNS BIND9 attack DoS

Vuong D. Chieu vdchieu at ...3828...
Wed Aug 5 02:56:04 EDT 2015


Dear sir.
Now. on internet public vulnerability DNS BIND9 
https://www.exploit-db.com/exploits/37721/

you can write rule detect attack DoS on OS DNS using BIND9

i had writent rule but it do not run.
alert udp any any -> any any (sid:1000010; gid:1; content:"|07 76 65 72 73 69 6F 6E 04 62 69 6E 64 00|"; msg:"DoS DNS BIND9"; classtype:successful-dos; rev:3; )

you can see me some analys about attack DoS. I can write it.

thanks

----------------------------------------
Vuong Dinh Chieu (Mr.)
Vietnam Computer Emergency Response Team (VNCERT)
Ministry of Information and Communications (MIC)
Add: 18 Nguyen Du, Hanoi       Website: http://www.vncert.gov.vn
Tel: +84-4-3640-4424                Mobile: +84-97 993 1293

----- Original Message -----
From: "Vuong D. Chieu" <vdchieu at ...3828...>
To: snort-sigs at lists.sourceforge.net
Sent: Wednesday, August 5, 2015 1:52:29 PM
Subject: Vulnerability DNS BIND9 attack DoS


Dear sir.
Now. on internet public vulnerability DNS BIND9 
https://www.exploit-db.com/exploits/37721/

you can write rule detect attack DoS on OS DNS using BIND9

thanks
----------------------------------------
Vuong Dinh Chieu (Mr.)
Vietnam Computer Emergency Response Team (VNCERT)
Ministry of Information and Communications (MIC)
Add: 18 Nguyen Du, Hanoi       Website: http://www.vncert.gov.vn
Tel: +84-4-3640-4424                Mobile: +84-97 993 1293




More information about the Snort-sigs mailing list