OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: twig les (twiglesyahoo.com)
Date: Mon Jul 01 2002 - 17:01:38 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    That's a good idea for a quick script that I should
    have had done months ago. As soon as I put out the
    lastest mystery fire I'll see if I can get a
    reasonable little Lynx-based cronjob.

    --- Steve McGhee <stevemlmri.ucsb.edu> wrote:
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    >
    > with all the fuss lately over the new apache worm,
    > etc, id like to know
    > if my machine is getting hit (its patched, just
    > being curious). i know
    > about mod_blowchunks, but im looking for something
    > more general..
    >
    > it seems to me that snort could see these attacks
    > pretty easily.
    >
    > is there a tool/method out there that will retrieve
    > the *latest* snort
    > signatures automatically? for those of us not
    > running snort via CVS, id
    > like a way to do something like cvsup, but _only_
    > update my ruleset
    > every night or whatever.
    >
    > i cc: the freebsd team as this might be a cool
    > (simple) port. (something
    > like /usr/ports/security/snort-signatures)
    >
    > this could be helpful to people who are just
    > curious, or maybe could
    > provide some good numbers to shock lazy sysadmins
    > into actually patching
    > their machines.
    >
    >
    > ..of course, this is all assuming there's someone
    > out there writing
    > signatures ;)
    >
    > - --
    > - -steve
    >
    > ~
    >
    ..........................................................
    > ~ Steve McGhee
    > ~ Systems Administrator
    > ~ Linguistic Minority Research Institute
    > ~ UC Santa Barbara
    > ~ phone: (805)893-2683
    > ~ email: stevemlmri.ucsb.edu
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: PGP 6.5.8
    > Comment: Using PGP with Mozilla -
    > http://enigmail.mozdev.org
    >
    >
    iQA/AwUBPSDCUKUr5syonrLMEQKjYQCfRiRGHIGGviqfGl/9xvRNpaambakAoIns
    > BcxrxnUpvAJK3Sczy5nY4Ir5
    > =9LCO
    > -----END PGP SIGNATURE-----
    >
    >
    > To Unsubscribe: send mail to majordomoFreeBSD.org
    > with "unsubscribe freebsd-security" in the body of
    > the message

    =====
    -----------------------------------------------------------
    Only fools have all the answers.
    -----------------------------------------------------------

    __________________________________________________
    Do You Yahoo!?
    Yahoo! - Official partner of 2002 FIFA World Cup
    http://fifaworldcup.yahoo.com

    -------------------------------------------------------
    This sf.net email is sponsored by:ThinkGeek
    No, I will not fix your computer.
    http://thinkgeek.com/sf
    _______________________________________________
    Snort-users mailing list
    Snort-userslists.sourceforge.net
    Go to this URL to change user options or unsubscribe:
    https://lists.sourceforge.net/lists/listinfo/snort-users
    Snort-users list archive:
    http://www.geocrawler.com/redir-sf.php3?list=snort-users