Snort mailing list archives

Previous By Date Next
Previous By Thread Next

SID 1841

From: "Romano, Chris" <CRomano () AtlasBD com>
Date: Mon, 29 Dec 2003 14:56:51 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

When some users visit netscape's site it is setting off an alert for
"WEB-CLIENT Javascript URL host spoofing attempt".  Specifically IPs
64.12.153.151 and 64.12.48.217.  Is this just bad coding on Netscape's
part or is this rule not written correctly?  I am using the most up to
date ruleset.  Is anyone else seeing this?

Thanks,
Chris Romano

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBP/CHAgvHK4/UMrUIEQId6gCfe8Si/GFRAaWukmSk6pDAyxdQvBkAn0IM
j9k3KcpUS58dlphfJCFq5ACR
=ojWE
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: