Snort mailing list archives

does snort pick up lthe izamoon attack?

From: Jason Haar <Jason.Haar () trimble co nz>
Date: Fri, 01 Apr 2011 11:08:55 +1300

Hi there

As you are all no doubt aware, the "lizamoon" SQL injection attack has
already hacked over 380,000 urls. Does anyone know if snort picks it via
one of it's existing rules, and if not, has anyone written one?

Thanks

http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1


------------------------------------------------------------------------------
Create and publish websites with WebMatrix
Use the most popular FREE web apps or write code yourself; 
WebMatrix provides all the features you need to develop and 
publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org

Current thread:

does snort pick up lthe izamoon attack? Jason Haar (Mar 31)
- Re: does snort pick up lthe izamoon attack? Alex Kirk (Mar 31)
  - Re: does snort pick up lthe izamoon attack? Jason Haar (Mar 31)
  - Re: does snort pick up lthe izamoon attack? Joel Esler (Mar 31)