IDS mailing list archives
Re: DNS Cache Poisoning attack
From: Joel Esler <joel.esler () mac com>
Date: Thu, 17 Jul 2008 11:15:47 -0400
There are Shared Object rules available for the DNS Cache Poisoning attack that are VRT certified available via subscription at www.snort.org .
J On Jul 16, 2008, at 10:38 PM, Ravi Chunduru wrote:
Does anybody have snort or Intrupro-IPS signature(s) to detect DNS Cache Poisoning attack? Also, is there any PoC to simulate the attack and test the effectiveness of signature(s)? thanks Ravi ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.
------------------------------------------------------------------------
Current thread:
- DNS Cache Poisoning attack Ravi Chunduru (Jul 17)
- Re: DNS Cache Poisoning attack Joel Esler (Jul 17)
- Re: DNS Cache Poisoning attack Michael Rash (Jul 17)
- Re: DNS Cache Poisoning attack Secure Scorp (Jul 21)
- Re: DNS Cache Poisoning attack Michael Rash (Jul 17)
- Re: DNS Cache Poisoning attack Mario A. Spinthiras (Jul 21)
- Re: DNS Cache Poisoning attack Joel Esler (Jul 17)