[Snort-users] Sig for Windows messenger service direct access?

Gary Flynn flynngn at ...6811...
Mon Dec 1 07:47:06 EST 2003

Anyone have a signature to detect Messenger access attempts
to the high ports on which it listens? In other words,
detecting the Messenger connections rather than the port
map connections to 135.

I'm not looking for exploit detections, just Messenger


Gary Flynn
Security Engineer - Technical Services
James Madison University

More information about the Snort-users mailing list