Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DROWN Rule

From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 14 Mar 2016 21:37:03 +0000
Yes, that is the correct rule, and yes, it’s still only available to subscribers.


--
Joel Esler
Manager, Talos Group




On Mar 14, 2016, at 3:54 PM, Scott Ellis <scorellis () gmail com<mailto:scorellis () gmail com>> wrote:

I read on the Internet somewhere that rule 1-38060 - POLICY-OTHER SSLv2 Client Hello attempt
would detect an attempt to infiltrate via a DROWN styled assault.  Can anyone confirm this, and also help me figure out 
where to get it?  the following link:
https://snort.org/rule_docs/1-38060
is rather short on details.  Perhaps this is one of those things for which we need to purchase a subscription?

Than you
Scott
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!


------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: