IDS mailing list archives
Snort rules to detect malformed http scanning
From: pathik () zimbio com
Date: 27 Oct 2006 00:01:54 -0000
I would liek to add rule to my snort database which can block scanning of malformed urls. We are runnning our website in CGI which eventually generated mix of java script based HTml code. Few days back we are experiencing traffic from scanners and bots which scans our website for PHP files,which we don't have. I would like to block IP addresses of this types of scan genration. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Snort rules to detect malformed http scanning pathik (Oct 27)
- <Possible follow-ups>
- RE: Snort rules to detect malformed http scanning Ofer Shezaf (Oct 30)
- Message not available
- Re: Snort rules to detect malformed http scanning Justin Heath (Oct 30)
- Message not available