Snort mailing list archives
Re: Big Brother: Alerts SSH CRC exploit
From: Edwin Eefting <edwin () bit nl>
Date: Thu, 22 Nov 2001 08:43:28 +0100 (CET)
On Wed, 21 Nov 2001 23:35:29 -0500 Wynn Fenwick <wfenwick () entrenet com> wrote:
Hi, Has anyone else experienced Big Brother health checking triggering the SSH CRC vulnerability exploit rules? Any opinions as to why this is necessary from the Big Brother users of the Snort community? The signature is very content specific, so it's wierd something doing a health check would trigger..
If it's an active security scanner/checker, it's perfectly normal to trigger some alerts. (like nessus does) It just tries some things to see if your box is vulnerable to certain exploits. bye
W -- FHLSim - The Fantasy Hockey League Simulator of Choice http://www.FHLSim.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- __________________ /\ ___/ Edwin Eefting /- \ _/ Business Internet Trends BV /--- \/ __________________ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Big Brother: Alerts SSH CRC exploit Wynn Fenwick (Nov 21)
- Re: Big Brother: Alerts SSH CRC exploit Edwin Eefting (Nov 21)