[Snort-users] BAD-TRAFFIC udp port 0 traffic
mkettler at ...4108...
Fri Jul 18 12:30:02 EDT 2003
At 01:17 PM 7/18/2003 -0500, Jason Whitson wrote:
>I would like to disable this rule but it is not listed in the ruleset.
Are you SURE? I found it very quickly using grep on the default 2.0.0 ruleset:
bash$ cd snort-2.0.0/rules
bash$ grep -i "udp port 0" *
bad-traffic.rules:alert udp $EXTERNAL_NET any <> $HOME_NET 0 (msg:"BAD
TRAFFIC udp port 0 traffic"; reference:cve,CVE-1999-0675;
reference:nessus,10074; classtype:misc-activity; sid:525; rev:4;)
More information about the Snort-users