[Snort-users] instant snort sigs for new vulnerabilites
stevem at ...6226...
Tue Jul 2 14:57:57 EDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
with all the fuss lately over the new apache worm, etc, id like to know
if my machine is getting hit (its patched, just being curious). i know
about mod_blowchunks, but im looking for something more general..
it seems to me that snort could see these attacks pretty easily.
is there a tool/method out there that will retrieve the *latest* snort
signatures automatically? for those of us not running snort via CVS, id
like a way to do something like cvsup, but _only_ update my ruleset
every night or whatever.
i cc: the freebsd team as this might be a cool (simple) port. (something
this could be helpful to people who are just curious, or maybe could
provide some good numbers to shock lazy sysadmins into actually patching
..of course, this is all assuming there's someone out there writing
~ Steve McGhee
~ Systems Administrator
~ Linguistic Minority Research Institute
~ UC Santa Barbara
~ phone: (805)893-2683
~ email: stevem at ...6226...
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Using PGP with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-users