[Oisf-users] "ETPRO EXPLOIT NetSupport Manager Client Buffer Overflow Relative"; sid:2801281; rev:5; )
Anoop Saldanha
anoopsaldanha at gmail.com
Wed Oct 9 04:49:03 UTC 2013
On Wed, Oct 9, 2013 at 5:15 AM, Russell Fulton <r.fulton at auckland.ac.nz> wrote:
> Hi
>
> Puzzled by this one. Suri is triggering this sig on traffic *from* port 443 but the sig says "From server"?
> I am not seeing this on my snort sensor which is running the same ruleset — supposedly on the same traffic.
>
Can you share this pcap for the flow that triggers this?
What version of suricata are you using?
--
-------------------------------
Anoop Saldanha
http://www.poona.me
-------------------------------
More information about the Oisf-users
mailing list