[Snort-users] SSL CodeRed et al

Ryan Russell ryan at ...35...
Tue May 28 09:00:02 EDT 2002

On Tue, 28 May 2002 bthaler at ...2720... wrote:

> Has anyone heard of a CodeRed or Nimda variant attacking on port 443 (SSL)?

All the known variants of those two are hardcoded to port 80.  Unless
you've got some kind of SSL accelerator that automatically forwards
attempts to port 80 to 443 and does SSL on their behalf (and that is
possible to do..) then that's not the problem.

Shouldn't matter even if they did.... why would that crash your servers?


More information about the Snort-users mailing list