Snort mailing list archives
Re: Webx, GotoMyPc and Loophole
From: Frank Knobbe <frank () knobbe us>
Date: Wed, 08 Mar 2006 19:54:42 -0600
On Wed, 2006-03-08 at 18:20 -0600, Ron Jenkins wrote:
Has anyone written a rule to detect these?
Sure, Have you checked the BleedingSnort rules? grep -i webex * | sed "s/:.*sid//" |sed "s/;.*//" bleeding-policy.rules: 2001712 bleeding-policy.rules: 2001713 bleeding-policy.rules: 2001714 grep -i gotomypc * | sed "s/:.*sid//" | sed "s/;.*//" bleeding-policy.rules: 2000309 bleeding-policy.rules: 2002022 policy.rules:1429 Nothing on loophole. Any info you can provide on that? Regards, Frank -- It is said that the Internet is a public utility. As such, it is best compared to a sewer. A big, fat pipe with a bunch of crap sloshing against your ports.
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Webx, GotoMyPc and Loophole Ron Jenkins (Mar 08)
- Re: Webx, GotoMyPc and Loophole Frank Knobbe (Mar 08)
- <Possible follow-ups>
- RE: Webx, GotoMyPc and Loophole Ron Jenkins (Mar 08)