security.ids.snort.sigs (date)

security.ids.snort.sigs (date)

March 31, 2003

RE: [Snort-devel] rules problem relating to offset?, Kreimendahl, Chad J
Re: [Snort-devel] rules problem relating to offset?, Brian
Re: rules problem relating to offset?, Chris Green
rules problem relating to offset?, Kreimendahl, Chad J
no classtype 4 webdavrules in snortrules-stable - Mon Mar 31 01:15:29 2003 GMT, Sean Wheeler

March 29, 2003

snort-rules CURRENT update @ Sat Mar 29 06:25:06 2003, bmc

March 28, 2003

Re: Submitt new rules, rmkml
snort-rules CURRENT update @ Fri Mar 28 06:25:06 2003, bmc

March 27, 2003

Re: Re: [Snort-users] SID 1545: DOS Cisco attempt, Brian
Re: Submitt new rules, Brian
Re: RE: [snort-cvs] CVS: snort - cazz, Brian
RE: DNS Zone Transfer False Positive, James Hoagland
Re: Question about defining the home_net, Matt Kettler

March 26, 2003

RE: [snort-cvs] CVS: snort - cazz, Kreimendahl, Chad J
snort-rules CURRENT update @ Wed Mar 26 17:04:05 2003, bmc
Question about defining the home_net, Randle, Tommie (Contractor)
snort-rules CURRENT update @ Wed Mar 26 06:25:06 2003, bmc

March 25, 2003

Re: SID 1545: DOS Cisco attempt, D PH
Submitt new rules, rmkml

March 22, 2003

Re: snort-rules STABLE update @ Thu Mar 20 18:53:49 2003, Michael Scheidell

March 21, 2003

Re: [Fwd: Snort Signature for WedDAV], Frank Knobbe
[Fwd: Snort Signature for WedDAV], Frank Knobbe
snort-rules CURRENT update @ Thu Mar 20 18:53:49 2003, bmc
snort-rules STABLE update @ Thu Mar 20 18:53:49 2003, bmc

March 20, 2003

portscan2-ignoreports...anyone get it to work???, Jeff Oliveto
Re: WebDAV nessus script?, Frank Knobbe

March 19, 2003

Re: Symantec Sig for webdav, Frank Knobbe
Re: WebDAV nessus script?, Frank Knobbe
Re: WebDAV nessus script?, Bennett Todd
Re: Alleged webdav exploit code, Mark Tinberg
Re: WebDAV nessus script?, daniel.clemens
Re: WebDAV nessus script?, Jason Haar
Re: WebDAV nessus script?, Frank Knobbe
Re: WebDAV nessus script?, Jason Haar
Re: WebDAV nessus script?, Frank Knobbe
Re: WebDAV nessus script?, Jason Haar
Re: WebDAV nessus script?, Brian
Re: WebDAV nessus script?, Frank Knobbe

March 18, 2003

Re: WebDAV nessus script?, Jason Haar
RE: WebDAV nessus script?, Tobia,Paul
Re: WebDAV nessus script?, Frank Knobbe
Re: WebDAV nessus script?, Joe Stewart
Re: WebDAV nessus script?, Michael Scheidell
Re: WebDAV nessus script?, Frank Knobbe
Re: WebDAV nessus script?, Joe Stewart
WebDAV nessus script?, Tobia,Paul
RE: snort using mysql!, Hugo van der Kooij
Re: Symantec Sig for webdav, Gary Flynn
Re: Symantec Sig for webdav, Frank Knobbe
Re: Possible WebDAV Exploit Signature., Frank Knobbe
Re: Alleged webdav exploit code, Joerg Weber
Re: Alleged webdav exploit code, mailx@xxxxxxxxxxxxx
Possible WebDAV Exploit Signature., Muhammad Faisal Rauf Danka
Possible WebDAV Exploit Signature., Muhammad Faisal Rauf Danka
Alleged webdav exploit code, erics
Re: MP3 Signature, Erek Adams
Re: MP3 Signature, bfdi533
Symantec Sig for webdav, Mail List Account
snort-rules CURRENT update @ Tue Mar 18 06:25:07 2003, bmc
RE: snort using mysql!, Steve Wray
Re: snort using mysql!, Hugo van der Kooij
Re: snort using mysql!, Erek Adams
snort using mysql!, Rolf Brusletto
Re: MP3 Signature, Kenneth G. Arnold
Bug in SID 1070, Frank Knobbe
Re: IIS WebDav sig?, Frank Knobbe

March 17, 2003

Re: IIS WebDav sig?, Frank Knobbe
IIS WebDav sig?, Lazarakis, Dan
Re: MP3 Signature, Erek Adams
Re: MP3 Signature, Hugo van der Kooij
Re: MP3 Signature, Kenneth G. Arnold
Re: probelm with resp keyword, Matt Kettler
Re: MP3 Signature, Hugo van der Kooij
Re: SID 1545: DOS Cisco attempt, twig les
Sig for Notes RPC overflow?, Frank Knobbe
MP3 Signature, Kenneth G. Arnold
Re: RE: snort virus rules etc..., Erek Adams
Re: [Snort-users] SID 1545: DOS Cisco attempt, Rich Adamson
Re: SID 1545: DOS Cisco attempt, Kenneth G. Arnold
SID 1545: DOS Cisco attempt, D PH
RE: snort virus rules etc..., Hyman W Logan

March 16, 2003

Q-backdoor variant signature, Jon

March 15, 2003

probelm with resp keyword, parikshit
Probelm with react and resp keywords, parikshit
problem with react keyword, parikshit
Facing problem with react keyword.!, parikshit

March 14, 2003

Re: Signature for Kazaa Lite, Chris Green
Re: (no subject), Matt Kettler
(no subject), Melissa Nameth
RE: Re: Signature for Kazaa Lite, Trevor Daucsavage
RE: Re: Signature for Kazaa Lite, Erek Adams
Re: Signature for Kazaa Lite, Michael Scheidell
RE: Signature for Kazaa Lite, Trevor Daucsavage
RE: Re: Signature for Kazaa Lite, Trevor Daucsavage
Re: Re: Signature for Kazaa Lite, Erek Adams
Re: Signature for Kazaa Lite, Sam Evans
RE: Signature for Kazaa Lite, Harris, Michael C.
Re: Signature for Kazaa Lite, Anne Carasik
Signature for Kazaa Lite, Trevor Daucsavage
Re: Snort Signatures for LSD-PL.NET Exploit, Martin Roesch
Re: Snort Signatures for LSD-PL.NET Exploit, Martin Roesch

March 13, 2003

Re: Snort-sigs digest, Vol 1 #513 - 4 msgs (Out of office), Chris Rowe
RE: Sendmail crackaddr header overflow, joe . pepin
RE: Re: Snort-sigs digest, Vol 1 #512 - 9 msgs (Out of office), Schmehl, Paul L
Re: Re: Snort-sigs digest, Vol 1 #512 - 9 msgs (Out of office), Matt Kettler
Re: Snort-sigs digest, Vol 1 #512 - 9 msgs (Out of office), Chris Rowe
RE: New code-red Variant (code red F) sig available ?, Young, Mike
RE: New code-red Variant (code red F) sig available ?, Paul M. Sittler
RE: New code-red Variant (code red F) sig available ?, Schmehl, Paul L
RE: New code-red Variant (code red F) sig available ?, Young, Mike
New code-red Variant (code red F) sig available ?, Xavier FIQUET

March 12, 2003

Re: Snort-sigs digest, Vol 1 #511 - 2 msgs (Out of office), Chris Rowe

March 11, 2003

Re: Sendmail crackaddr header overflow, Joe Stewart
RE: Sendmail crackaddr header overflow, joe . pepin
new rule proposal (Dameware), Kreimendahl, Chad J
Re: Snort Signatures for LSD-PL.NET Exploit, Joe Stewart
Re: Snort Signatures for LSD-PL.NET Exploit, Chris Green
Re: Snort Signatures for LSD-PL.NET Exploit, Loki
Re: Snort Signatures for LSD-PL.NET Exploit, Loki
Re: Snort Signatures for LSD-PL.NET Exploit, Brian
Re: Snort Signatures for LSD-PL.NET Exploit, Michael Scheidell
signature information for SIG 104, Muhammad Faisal Rauf Danka
Has anyone developed a rule for the new MultiDropper Virus?, Compton, Rich
signature information for SIG 104, Muhammad Faisal Rauf Danka
Snort Signatures for LSD-PL.NET Exploit, Loki

March 10, 2003

Re: Sendmail crackaddr header overflow, Chris Baker
Re: Sendmail crackaddr header overflow, Wes Zuber

March 09, 2003

Re: Sendmail crackaddr header overflow sig - Dozens of False Positives, Bennett Todd

March 07, 2003

Re: tell the number of packets before triggering, Erek Adams
Re: External Network -Snort Rules, Erek Adams
Re: puzzled: logging more than one packet at a time, Jason
Re: Pass rule problem, Bart Somers
puzzled: logging more than one packet at a time, Christophe Van Ginneken
RE: puzzled: logging more than one packet at a time, Day, Adam L
Re: tell the number of packets before triggering, daniel.clemens
Sendmail crackaddr header overflow sig - Dozens of False Positives, Jeff Oliveto
RE: puzzled: logging more than one packet at a time, Day, Adam L
Re: puzzled: logging more than one packet at a time, Christophe VG
puzzled: logging more than one packet at a time, Christophe VG
Re: tell the number of packets before triggering, Phillip G Deneault
External Network -Snort Rules, John Ascica Sandoval
Re: tell the number of packets before triggering, simsjs
Re: tell the number of packets before triggering, Erek Adams

March 06, 2003

Re: tell the number of packets before triggering, Jason Haar
more info on SID 254?, Carl Gibbons
Re: tell the number of packets before triggering, Carl Gibbons
Re: tell the number of packets before triggering, Marius Stefan
Re: tell the number of packets before triggering, Matt Kettler

March 05, 2003

Re: snort local rules help??, Paul Schmehl
Re: snort local rules help??, Matt Kettler
snort local rules help??, Nick Fear
Re: Sid 1042 - too many FPs, Brian
Re: Sendmail crackaddr header overflow sigs, Joerg Weber
Re: Cywin SSH and EXPLOIT ssh CRC32 overflow filler, Brian
snort-rules CURRENT update @ Wed Mar 5 06:25:07 2003, bmc
snort-rules STABLE update @ Wed Mar 5 06:25:07 2003, bmc
proposed update to web-iis.rules - cmd.exe, and cmd32.exe access rules, Travis Farmer
Re: Sendmail crackaddr header overflow sigs, Michael Scheidell

March 04, 2003

Re: Sendmail crackaddr header overflow sigs, Joe Stewart
RE: Sendmail crackaddr header overflow sigs, Kreimendahl, Chad J
Re: Sendmail crackaddr header overflow sigs, Michael Scheidell
snort-rules STABLE update @ Tue Mar 4 15:08:40 2003, bmc
snort-rules CURRENT update @ Tue Mar 4 15:08:40 2003, bmc
tell the number of packets before triggering, Marius Stefan
snort-rules STABLE update @ Tue Mar 4 06:25:07 2003, bmc
snort-rules CURRENT update @ Tue Mar 4 06:25:07 2003, bmc

March 03, 2003

FW: [VulnWatch] ISS Security Brief: Snort RPC Preprocessing Vulne rability, Robert Wagner
port list, JimF
RE: Sid 1042 - too many FPs, Scheidell

March 01, 2003

Re: Sid:1845 IMAP list overflow attempt, Brian
RE: sid: 1113 - FPs, Schmehl, Paul L
RE: sid: 1113 - FPs, Schmehl, Paul L
Re: sid: 1113 - FPs, Jason
Re: sid: 1113 - FPs, Jon

News | FAQ | advertise