Snort mailing list archives
Re: Ghost glibc and EXIM rules
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Thu, 29 Jan 2015 19:43:38 +0000
Lukas, The rule pack should be coming out here momentarily, it’s in the final stages of testing. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos
On Jan 29, 2015, at 10:08 AM, Lukas Matt <lukas.matt () sophos com> wrote: Hi, according to Talos (http://blogs.cisco.com/security/talos/ghost-glibc <http://blogs.cisco.com/security/talos/ghost-glibc>) they have two snort rules for the EXIM glibc exploit. SID 33225 and 33226. I was not able to find them in the sourcefire tarball. Will they be included in the next release? Regards -- Lukas Matt Deep Packet Inspection Developer, SophosLabs O: (+49) 721-25516-322 / M: (+49) 174-3440-555 <logo-right.png> ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Attachment:
smime.p7s
Description:
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Ghost glibc and EXIM rules Lukas Matt (Jan 29)
- Re: Ghost glibc and EXIM rules lists () packetmail net (Jan 29)
- Re: Ghost glibc and EXIM rules Joel Esler (jesler) (Jan 29)