[Snort-users] Google Captcha Signature

Gregory Zill gregory at ...14510...
Thu May 13 16:56:09 EDT 2010

Has there been a signature developed to track internal hosts generating the
excessive outbound requests to Google via one NAT, which subsequently
triggers the captcha. It is reported that proxied or infected traffic
produces the high-volume and I am only trying to catch the latter. Any ideas
would be appreciated.

“I think we all have a little voice inside us that will guide us… if we shut
out all the noise and clutter from our lives and listen to that voice, it
will tell us the right thing to do.”
~Christopher Reeve

Gregory W Zill, MBA, CISSP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100513/976ea6b7/attachment.html>

More information about the Snort-users mailing list