[Snort-users] eEyeIsTheBest seen in http?

Steve Halligan agent33 at ...187...
Thu Sep 27 14:15:05 EDT 2001


This is either Retina or one of Eeye's other vulnerability scanning tools.
Check 'em out at www.eeye.com
Eeye is a legitimate organization, the person using the tool on you may not
be.
BTW, they are scanning for the IIS unicode directory traversal vulnerability
which is used by Nimda and SadMind and others.

-Steve

> Subject: [Snort-users] eEyeIsTheBest seen in http?
> 
> 
> Has anyone else seen this?
> 
> I am seeing a handful of these, from internal machines, 
> sometimes going to
> other segments in the network as well as to outside systems 
> (web servers).
>
> 




More information about the Snort-users mailing list