Snort mailing list archives
Re: SSL CodeRed et al
From: Ryan Russell <ryan () securityfocus com>
Date: Tue, 28 May 2002 09:57:29 -0600 (MDT)
On Tue, 28 May 2002 bthaler () webstream net wrote:
Has anyone heard of a CodeRed or Nimda variant attacking on port 443 (SSL)?
All the known variants of those two are hardcoded to port 80. Unless you've got some kind of SSL accelerator that automatically forwards attempts to port 80 to 443 and does SSL on their behalf (and that is possible to do..) then that's not the problem. Shouldn't matter even if they did.... why would that crash your servers? Ryan _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: SSL CodeRed et al Sean T. Ballard (May 28)
- RE: SSL CodeRed et al bthaler (May 28)
- <Possible follow-ups>
- SSL CodeRed et al bthaler (May 28)
- Re: SSL CodeRed et al Ryan Russell (May 28)
- Re: SSL CodeRed et al Phil Wood (May 28)
- RE: SSL CodeRed et al East, Bill (May 28)
- RE: SSL CodeRed et al Frank Knobbe (May 28)
- RE: SSL CodeRed et al bthaler (May 28)
- RE: SSL CodeRed et al Frank Knobbe (May 28)
- RE: SSL CodeRed et al Jim Grossl (May 28)
- RE: SSL CodeRed et al Wilcoxon, Steve (May 29)