[Snort-users] WEB-IIS Cmd attack

Togan Muftuoglu toganm at ...603...
Tue Sep 18 09:08:01 EDT 2001


I am on the list please do not CC me

* cdowns; <cdowns at ...1892...> on 18 Sep, 2001 wrote:
> What is the actual signiture as i have seen nothing yet on my servers in
> NH
> 

Snort is catching it as WEB-IIS cmd.exe access from the snort.org rules
nothing special


-- 
Togan Muftuoglu





More information about the Snort-users mailing list