Metasploit mailing list archives

Snort Rules

From: security at brvenik.com (Jason)
Date: Thu, 19 Oct 2006 12:39:27 -0400

check out this rule in the community set.


100000207 || COMMUNITY IMAP GNU Mailutils imap4d hex attempt

Matt Jonkman wrote:

I don't think we have one in the bleeding ruleset, but if you are
playing with it, send me a pcap offlist and I'll see about making one up.

Matt

jose antonio franca wrote:

Hi there,
 
Does anybody happen to know any Snort rule for detecting
gnu_mailutils_imap4 attack ?
 
Thanks
 
Jos? Ant?nio

------------------------------------------------------------------------
MSN Messenger: converse com os seus amigos online. Instale gr?tis.
Clique aqui. <http://g.msn.com/8HMAENBR/2749??PS=47575>

Current thread:

MSF 3.0 Beta error encrypted code (Oct 17)
- MSF 3.0 Beta error mmiller at hick.org (Oct 17)
- MSF 3.0 Beta error H D Moore (Oct 17)
- MSF 3.0 Beta error Clemens, Dan (Oct 18)
  - Snort Rules jose antonio franca (Oct 19)
    - Snort Rules Matt Jonkman (Oct 19)
    - Snort Rules Jason (Oct 19)
    - IMail 2006 and 8.x RCPT TO Stack Overflow Greg Linares (Oct 19)