Snort mailing list archives

Re: snort attacks

From: Guillaume <guillaume () sky fr>
Date: Wed, 30 May 2001 07:31:53 +0200

Ryan Russell wrote:

On Tue, 29 May 2001, Steve Moran wrote:

Where can I find a description of the attacks or the exploit someone is
trying to use?  For example, if I see this type of attack is occurring
x86 NOOP - unicode BUFFER OVERFLOW ATTACK

How would I know what they are trying for?


ARIS users have access to this sort of information, indirectly.  Sign up,
submit your logs, and when you view the description for a particular
attack, there's a description of what is being tried, and links to the
Bugtraq ID, which has example exploits, patches, etc..  ARIS Analyzer is
free.


... as free as arachNIDS from whitehats.com is.... :-)

Guillaume.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort attacks Steve Moran (May 29)
- Re: snort attacks Max Vision (May 29)
- RE: snort attacks Ofir Arkin (May 29)
- Re: snort attacks Ryan Russell (May 29)
  - Re: snort attacks Guillaume (May 29)
- <Possible follow-ups>
- Re: snort attacks Dr SuSE (May 29)
- RE: snort attacks Steve Moran (May 29)
  - RE: snort attacks Max Vision (May 29)