Security Basics mailing list archives
Re: IPS log analysis
From: erika_cissp () yahoo com
Date: 12 May 2008 16:57:47 -0000
This is from TippingPoint central management console. I'd really like to know: How they are forging the source IP to appear as if it is on the same class C as the destination (There should be no traffic to this DB) What they are trying to do. I did some research and it looks as if they are trying to change the password and then run an executable. Any ideas? Thanks in advance
Current thread:
- IPS log analysis erika_cispp (May 12)
- Re: IPS log analysis LGM (May 12)
- <Possible follow-ups>
- Re: IPS log analysis erika_cissp (May 12)
- RE: IPS log analysis Sergio Castro (May 12)