Snort mailing list archives
Increase in ASN.1 alerts
From: Joe Gedeon <joe.gedeon () gmail com>
Date: Wed, 2 Feb 2011 12:53:27 -0500
Has anyone else noticed an increase in the number of alerts for SPECIFIC-THREATS ASN.1 constructed bit string? The payload seems different than the kill-bill script. An example can be found here. http://pastebin.com/y9jAigbb Sincerely, Joe -- Registered Linux User # 379282 ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Increase in ASN.1 alerts Joe Gedeon (Feb 02)
- Re: Increase in ASN.1 alerts Michael Scheidell (Feb 02)
- Reliability of signatures Fraser, Hugh (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Matt Olney (Feb 04)
- Re: Reliability of signatures Jim Hranicky (Feb 04)
- Re: Reliability of signatures Matt Olney (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)
- Re: Reliability of signatures Jim Hranicky (Feb 04)
- Re: Reliability of signatures Martin Roesch (Feb 04)
- Re: Reliability of signatures Joel Esler (Feb 04)
- Re: Reliability of signatures Martin Holste (Feb 04)