[Snort-users] [Emerging-Sigs] Signatures for Clients POSTing to SEO/NEOsploit Exploit Kits - Round 2

Alex Kirk akirk at ...1935...
Wed Aug 11 13:55:39 EDT 2010


>
> A bit more info....  have the pcap if you want/need it.
>
> <snip>

A quick aside to all readers of this list: there is no "if" when it comes to
the question of whether the VRT wants a PCAP when diagnosing a rule issue.
If you have a PCAP that you can share, we *always* want it - period, end of
story. Even if we can figure out a fix without the PCAP, it helps us verify
said fix.


-- 
Alex Kirk
AEGIS Program Lead
Sourcefire Vulnerability Research Team
+1-410-423-1937
alex.kirk at ...1935...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100811/9a3ecb7f/attachment.html>


More information about the Snort-users mailing list