[Snort-users] Snort Discussions

Jim Forster jforster at ...176...
Thu Sep 5 12:25:10 EDT 2002

Well, after returning from vacation, I was met with a little surprise I'm sure many of you saw....
Someone did a little code injection on the Snort (Snitz) forums, and changed the 'title' field to 'Hacked bye AloneDrinkWine' in a rather large font.  :)
I've pulled the site down for updates, and low and behold, I was running a very old version, to which there are 40+ fixes listed. <doh!>
Just to see, I tossed "hacked" and "Snitz" into a google search - Results.. about 1,630.  Checked the first 20 or so, and they're the exact same exploit.
The update should be done this afternoon, and if anyone has a copy of this Snitz web-injection code, I'd appreciate seeing it so we can get an exact rule written.
....Teach me to ignore updates.

Sleep: A completely inadequate substitute for caffeine.

Jim Forster, jforster at ...176... on 9/5/2002
Network Administrator
RapidNet, A Golden West Company

More information about the Snort-users mailing list