Full Disclosure mailing list archives

RE: Snort on a Bootable FreeBSD CD to catch Nachi, Blaster & Sobig


From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Wed, 3 Sep 2003 10:03:23 -0500

-----Original Message-----
From: Justin Tan [mailto:justin.tan () extol com my] 
Sent: Wednesday, September 03, 2003 5:30 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Snort on a Bootable FreeBSD CD to catch Nachi, Blaster & Sobig


Here's a site to download an iso image of snort running out 
from a bootable FreeBSD CD to catch Nachi, Blaster & Sobig. 
Useful for sysadmins who aren't familiar with nixers or 
aren't yet snorters.

http://www.my-snort.org/downloads/FreeSBIE.ISO
The MD5 sum is e24ddb47d6c0ade80c79b53bbe88735b

Just curious - what sigs are you using for detection?

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

