Snort mailing list archives
Re: ATTACK-RESPONSES id check returned root
From: Patrick Walsh <pwalsh () esoft com>
Date: Fri, 21 Oct 2005 11:44:05 -0600
SUCKIT v 1.1c - New, singing, dancing, world-smashing rewtkit *.* (c)oded by sd () sf cz & devik () cdi cz, 2001 Configuring ./sk:.OK!.[attacker () badass cz ~/sk10]$ telnet lamehost.com 80.Trying 192.160.0.2.... Connected to lamehost.com..Escape character
Looks like someone viewed this phrack article:
http://www.phrack.org/phrack/58/p58-0x07
which triggered the rule.
--
Patrick Walsh
eSoft Incorporated
303.444.1600 x3350
http://www.esoft.com/
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- ATTACK-RESPONSES id check returned root Chris Romano (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Matt Kettler (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Matt Kettler (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Patrick Walsh (Oct 21)
- Re: ATTACK-RESPONSES id check returned root Chris Romano (Oct 21)
- Re: ATTACK-RESPONSES id check returned root cc (Oct 21)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 24)
- RE: ATTACK-RESPONSES id check returned root Paul Schmehl (Oct 25)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 26)
- RE: ATTACK-RESPONSES id check returned root Our World Is Here (Oct 24)
- <Possible follow-ups>
- RE: ATTACK-RESPONSES id check returned root Willy, Andrew (Oct 21)