[Snort-users] Sig for Windows messenger service direct access?

Gary Flynn flynngn at ...6811...
Mon Dec 1 07:47:06 EST 2003


Anyone have a signature to detect Messenger access attempts
to the high ports on which it listens? In other words,
detecting the Messenger connections rather than the port
map connections to 135.

I'm not looking for exploit detections, just Messenger
activity.

thanks,

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University






More information about the Snort-users mailing list