Automatically Updating Snort Rules


123


tar: rules/rservices.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/rpc.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/porn.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/policy.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/netbios.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/misc.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/local.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/info.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/icmp.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/icmp info.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/ftp.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/finger.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/exploit.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/dos.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/dns.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/ddos.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules/bad traffic.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/backdoor.rules: time stamp 2002 07 14 13:10:24 is 348194 s in the 


future


tar: rules/snort.conf: time stamp 2002 07 14 13:10:24 is 348194 s in the future


tar: rules: time stamp 2002 07 14 13:10:24 is 348194 s in the future


done.


Disabling rules according to ./oinkmaster.conf... 0 rules disabled.


Comparing new files to the old ones... done.


[***] Results from Oinkmaster started Wed Jul 10 12:25:37 2002 [***]


[*] Rules added/removed/modified: [*]


  [+++]           Added:           [+++]


     > File "tftp.rules":


       alert udp any any  > any 69 (msg:"TFTP GET shadow"; content: "|0001|"; 


offset:0; depth:2; content:"shadow"; nocase; classtype:successful admin; 


sid:1442; rev:1;)


       alert udp any any  > any 69 (msg:"TFTP GET passwd"; content: "|0001|"; 


offset:0; depth:2; content:"passwd"; nocase; classtype:successful admin; 


sid:1443; rev:1;)


       alert udp $EXTERNAL_NET any  > $HOME_NET 69 (msg:"TFTP parent directory"; 


content:".."; reference:arachnids,137; reference:cve,CVE 1999 0183; 


classtype:bad unknown; sid:519; rev:1;)


  [///]       Modified active:     [///]


     > File "tftp.rules":








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      toronto web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved