[Snort-users] New BIND exploit...
borjamar at ...778...
Tue Jan 30 07:55:47 EST 2001
Peter Bates wrote:
> Hello all...
> Has anyone enough details on the signature
> of the new BIND exploit
> (http://www.securityfocus.com/news/144 , CERT, etc.)
> to say whether current snort rulesets would catch
> the activity, or whether a new one needs to be crafted?
I haven't seen any exploits, but have detected an increase
on bind.version queries.
Someone from 220.127.116.11 is scanning all the .es
nameservers, it seems.
More information about the Snort-users