[Snort-users] Snort Alert[1:16482:8]
jlay at ...13475...
Tue Mar 26 13:08:54 EDT 2013
> -----Original Message-----
> From: Kee, Scott [mailto:Scott.Kee at ...16186...]
> Sent: Tuesday, March 26, 2013 08:38
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Snort Alert[1:16482:8]
> I recently installed Snort on my Ubuntu machine. I am receiving a
> lot of
> 16482:8 alerts. It is Microsoft ie 6 and 7 vulnerability alert.
> I don't have any users who are on using IE 6 or 7. What is
> triggering this
> alert? Is this safe to ignore?
Keep in mind that we are targeting the vulnerability. As such, the
server could be responding with possible vulnerable code relevant to IE,
and this rule doesn't check User Agent. If you're not running any IE in
your environment, you may want to consider commenting out the
browser-ie.rules. Hope that helps.
More information about the Snort-users