[Snort-users] IIS cmd.exe and unicode

Bastian Ballmann ballmann at ...3190...
Wed Oct 31 00:55:02 EST 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi community!! =)
Does anyone know if nimba is still very active? Or if another worm is using 
the IIS cmd.exe and unicode exploit to spread?
Cause last night Snort detected a very high amount of those attacks...
Thanx and greets

Bastian Ballmann
@ Computational Design
- -- 
- ---:[ Keep the right to crypt!
\214^D^C^C^BM8¨^N^U,£B`É4ºÄ^L^@ÐBìóÁÀ!O½1CÍ^\MÜy±
ôæ]%\203\224ú^AKÇ8Ó^_ñ-GN^E\202=^[Ì^GÖlªÇ^Z\236\201
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjvfr3gACgkQ/X/Mmob5zke94gCeMtxMvggoS0A4Gxfna46w15iE
clYAniDmqkBFc+xQKwl22HXaHyPeV1HJ
=Gx6c
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list