Snort mailing list archives
RE: eEyeIsTheBest seen in http?
From: Steve Halligan <agent33 () geeksquad com>
Date: Thu, 27 Sep 2001 16:14:44 -0500
This is either Retina or one of Eeye's other vulnerability scanning tools. Check 'em out at www.eeye.com Eeye is a legitimate organization, the person using the tool on you may not be. BTW, they are scanning for the IIS unicode directory traversal vulnerability which is used by Nimda and SadMind and others. -Steve
Subject: [Snort-users] eEyeIsTheBest seen in http? Has anyone else seen this? I am seeing a handful of these, from internal machines, sometimes going to other segments in the network as well as to outside systems (web servers).
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- eEyeIsTheBest seen in http? Tom Sevy (Sep 27)
- Re: eEyeIsTheBest seen in http? Erek Adams (Sep 27)
- Re: eEyeIsTheBest seen in http? niceshorts (Sep 27)
- <Possible follow-ups>
- RE: eEyeIsTheBest seen in http? Steve Halligan (Sep 27)