Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Big Brother: Alerts SSH CRC exploit

From: Edwin Eefting <edwin () bit nl>
Date: Thu, 22 Nov 2001 08:43:28 +0100 (CET)
On Wed, 21 Nov 2001 23:35:29 -0500 Wynn Fenwick <wfenwick () entrenet com> wrote:


Hi,

Has anyone else experienced Big Brother health checking triggering the
SSH CRC vulnerability exploit rules?

Any opinions as to why this is necessary from the Big Brother users of
the Snort community? The signature is very content specific, so it's
wierd something doing a health check would trigger..


If it's an active security scanner/checker, it's perfectly normal to trigger some
alerts. (like nessus does) It just tries some things to see if your box is
vulnerable to certain exploits.
bye



W

--
FHLSim - The Fantasy Hockey League Simulator of Choice
http://www.FHLSim.com/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




--                            __________________
                             /\ ___/          
Edwin Eefting               /- \ _/  Business Internet Trends BV
                           /--- \/           __________________


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: