[Snort-users] Big Brother: Alerts SSH CRC exploit

Edwin Eefting edwin at ...2758...
Wed Nov 21 23:44:02 EST 2001


On Wed, 21 Nov 2001 23:35:29 -0500 Wynn Fenwick <wfenwick at ...4126...> wrote:

> Hi,
> 
> Has anyone else experienced Big Brother health checking triggering the
> SSH CRC vulnerability exploit rules?
> 
> Any opinions as to why this is necessary from the Big Brother users of
> the Snort community? The signature is very content specific, so it's
> wierd something doing a health check would trigger..

If it's an active security scanner/checker, it's perfectly normal to trigger some
alerts. (like nessus does) It just tries some things to see if your box is
vulnerable to certain exploits.
bye

> 
> W
> 
> --
> FHLSim - The Fantasy Hockey League Simulator of Choice
> http://www.FHLSim.com/
> 
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 


--                            __________________
                             /\ ___/          
Edwin Eefting               /- \ _/  Business Internet Trends BV
                           /--- \/           __________________





More information about the Snort-users mailing list