Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Need help to identify issue on BOTNET-CNC Trojan.Bankpatch.C authentication

From: babu dheen <babudheen () yahoo co in>
Date: Wed, 21 Nov 2012 20:59:59 +0800 (SGT)
Dear Support,
 
 We have enabled Snort IPS between two unix machine and once enabled, we are seeing below events continously. We would 
like to know what does mean by below event and how can we solve the same.
 
Name : "BOTNET-CNC Trojan.Bankpatch.C authentication String detected"
Source IP : Solaris Server IP
Destination IP : Solaris Server IP
Destination Port : 80
 
Regards
Babu
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: