[Snort-users] SID 19253, WEB-CLIENT Adobe Reader malicious language.engtesselate.ln file download attempt

Joel Esler jesler at ...1935...
Thu Jun 16 17:46:44 EDT 2011


Shawn,

Update your rules to the ones that came out today.

Joel

On Jun 16, 2011, at 5:41 PM, Jefferson, Shawn wrote:

> Seeing a lot of false positives on this… and not in PDF files at all.  Seeing falses from news sites, in cookies, etc..
>  
> --
> Shawn Jefferson, Team Lead Security and Server Services, GCIH, GCFA
> British Columbia Ferry Services Inc.
> Tel: (250) 978-1508
> Fax: (250) 405-3533
> Shawn.Jefferson at ...14448... | www.bcferries.com
>  
>  
>  
> ------------------------------------------------------------------------------
> EditLive Enterprise is the world's most technically advanced content
> authoring tool. Experience the power of Track Changes, Inline Image
> Editing and ensure content is compliant with Accessibility Checking.
> http://p.sf.net/sfu/ephox-dev2dev_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> Please see http://www.snort.org/docs for documentation

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20110616/8b9d70c6/attachment.html>


More information about the Snort-users mailing list