Snort mailing list archives
SID 1841
From: "Romano, Chris" <CRomano () AtlasBD com>
Date: Mon, 29 Dec 2003 15:02:00 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 When some users visit Netscape's site it is setting off an alert for "WEB-CLIENT JavaScript URL host spoofing attempt". Specifically IPs 64.12.153.151 and 64.12.48.217. Is this just bad coding on Netscape's part or is this rule not written correctly? I am using the most up to date ruleset. Is anyone else seeing this? Thanks, Chris Romano -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBP/CINwvHK4/UMrUIEQKI7QCeNPxRD+KwWKcLovnCK441EzRnecsAoObT XM6OGvPC7dQd49EwlYAtMdH7 =tV4p -----END PGP SIGNATURE-----
Current thread:
- SID 1841 Romano, Chris (Dec 29)
- <Possible follow-ups>
- SID 1841 Romano, Chris (Dec 29)