Snort mailing list archives
RE: possible exploit
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Wed, 15 Feb 2006 04:22:52 -0600
Old Cisco exploit. I saw a bunch of them not too long ago. http://isc.sans.org/diary.php?storyid=1104 -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Robert T Wyatt Sent: Wednesday, February 15, 2006 2:08 AM To: snort-users () lists sourceforge net Subject: [Snort-users] possible exploit It's possible that I wasn't logging at the moment this hit, but it did not show up in my snort log and so I believe it was missed. I don't know what it was after, but it doesn't look friendly to me. 60.10.38.189 - - [14/Feb/2006:22:20:03 -0600] "GET /level/16/exec/-///pwd HTTP/1.0" 404 346 "-" "-" ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- possible exploit Robert T Wyatt (Feb 15)
- RE: possible exploit Patrick S. Harper (Feb 15)
- Re: possible exploit Frank Knobbe (Feb 15)
- Re: possible exploit Robert T Wyatt (Feb 15)
- Re: possible exploit Robert T Wyatt (Feb 16)
- Re: possible exploit Robert T Wyatt (Feb 15)