[Oisf-users] bind shell attack using http_highlight exploit any idea

Cooper F. Nelson cnelson at ucsd.edu
Fri Jul 5 19:20:07 UTC 2013


See the emerging-shellcode.rules.

Most of them are disabled by default, so keep that in mind.  I would
suggest enabling them all and running a test attack to see which ones
trigger.

On 7/5/2013 12:12 PM, mouna amani wrote:
> Does anyone have an idea how to stop an attack that wants to get the shell
> of the victim using emerging rules???


-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
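One way to carry out the suggestion in the reply above, as an added example that is not part of the original message or of the Emerging Threats ruleset: uncomment every disabled rule in a copy of emerging-shellcode.rules and list the sids that were switched on, so alerts from the test run can be matched against them. It assumes disabled rules are single lines commented out with a leading `#`; the sample rules, their sids and the `.enabled` output suffix are constructed for illustration.

```python
import re
import sys

# One rule per line: an action keyword, then a body that carries a sid.
RULE = r'(?:alert|drop|reject|pass)\s.+\bsid\s*:\s*(\d+)\s*;'
DISABLED = re.compile(r'^\s*#+\s*(' + RULE + r'.*)$')  # commented-out rule
ACTIVE = re.compile(r'^\s*' + RULE)                    # rule already enabled


def enable_all(rules_text):
    """Uncomment disabled rules.

    Returns (new_text, newly_enabled_sids, already_active_sids).
    Ordinary comments (no action keyword or no sid) are left untouched.
    """
    out, enabled, active = [], [], []
    for line in rules_text.splitlines():
        m = DISABLED.match(line)
        if m:
            out.append(m.group(1))          # rule text without the '#'
            enabled.append(int(m.group(2)))
            continue
        a = ACTIVE.match(line)
        if a:
            active.append(int(a.group(1)))
        out.append(line)
    return "\n".join(out) + "\n", enabled, active


# Constructed sample input; these are not real ET signatures or sids.
SAMPLE = '''\
# Constructed sample rules for illustration
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"SAMPLE active rule"; content:"|90 90 90 90|"; sid:9000001; rev:1;)
#alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"SAMPLE disabled rule A"; content:"|eb 0c|"; sid:9000002; rev:1;)
# alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"SAMPLE disabled rule B"; content:"|31 c0|"; sid:9000003; rev:2;)
# alert is a word that can also start an ordinary comment
'''

if __name__ == "__main__":
    # With a path argument, write an enabled copy beside the original file;
    # without one, run on the constructed sample above.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    new_text, enabled, active = enable_all(text)
    if len(sys.argv) > 1:
        with open(sys.argv[1] + ".enabled", "w") as fh:
            fh.write(new_text)
    print("already active:", active)
    print("newly enabled :", enabled)
```

Keep the list of newly enabled sids: after the test attack, any that never fired can be commented out again.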


