|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] BackDoor Subsevsen
From: Biswas, Proneet (pbiswas
iPolicyNet.COM)
Date: Fri Jan 02 2004 - 00:32:09 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
I was trying to analyze the signature for SID : 103
BackDoor Subseven 22
From Packet Direction "-> ", it appears that the signature is on a packet
from port 27374 to any port inside
But from flow direction "to_server", it would appear that the signature is
to be triggered for a packet from any port to port 27374 assuming that the
port 27374 is the server port.
Can you please point me out if I am missing anything on this ?
Thanks.
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]