[Snort-users] snort attacks

Guillaume guillaume at ...1168...
Wed May 30 01:31:53 EDT 2001


Ryan Russell wrote:

> On Tue, 29 May 2001, Steve Moran wrote:
>
> > Where can I find a description of the attacks or the exploit someone is
> > trying to use?  For example, if I see this type of attack is occurring
> > x86 NOOP - unicode BUFFER OVERFLOW ATTACK
> >
> > How would I know what they are trying for?
>
> ARIS users have access to this sort of information, indirectly.  Sign up,
> submit your logs, and when you view the description for a particular
> attack, there's a description of what is being tried, and links to the
> Bugtraq ID, which has example exploits, patches, etc..  ARIS Analyzer is
> free.

... as free as arachNIDS from whitehats.com is.... :-)

Guillaume.





More information about the Snort-users mailing list