Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] FPs for SMTP SSLv3 openssl get shared ciphers overflow atte

from [Russell Fulton] Network Security [Permanent Link]
Subject: [Snort-sigs] FPs for SMTP SSLv3 openssl get shared ciphers overflow attempt 8435
Date: Thu, 05 Jul 2007 13:59:13 +1200
I am also seeing quite a few of these:

META
SID CID TimeStamp Signature Sig ID
6 6590548 2007-07-04 14:29:58 SMTP SSLv3 openssl get shared ciphers overflow attempt 8435
Sensor Hostname Sensor Interface
monitor-dmzo.isec.auckland.ac.nz dmz sensor
IP
Source Address Dest Address Ver Hdr Len TOS length ID flags offset TTL chksum
210.48.74.103 130.216.190.11 4 5 0 140 20075 2 0 116 23173
Resolved Source Resolved Dest
ip-210-48-74-103.iconz.net.nz groucho.itss.auckland.ac.nz
TCP
Source Port Dest Port Seq Ack Offset Reserved Flags Window Checksum Urgent Ptr
3427 25 1047465774 205133145 5 0 24 65329 32366 0
Options
None
Flags

RB 1 RB 0 URG ACK PSH RST SYN FIN



X X


DATA 
160300005F0100005B03

00468B0627688323A11D

AC9301BE123C8ED1D859

2D2A4059CEA85BFF2F53

73A54800003400390038

003500160013000A0033

0032002F006600050004

00630062006100150012

00090065006400600014

00110008000600030100


            
...._...[.

.F..'h.#..

.....<...Y

-*@Y..[./S

s.H..4.9.8

.5.......3

.2./.f....

.c.b.a....

...e.d.`..

..........


            

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Snort-sigs] FPs for SMTP SSLv3 openssl get shared ciphers overflow attempt 8435, Russell Fulton <=
Previous by Date:  [Snort-sigs] FPs for "SMTP possible BDAT DoS attempt", Russell Fulton
Next by Date:  [Snort-sigs] FPs for WEB-CLIENT Adobe Photoshop PNG file handling stack buffer overflow attempt 11267, Russell Fulton
Previous by Thread:  [Snort-sigs] FPs for "SMTP possible BDAT DoS attempt", Russell Fulton
Next by Thread:  [Snort-sigs] FPs for WEB-CLIENT Adobe Photoshop PNG file handling stack buffer overflow attempt 11267, Russell Fulton
Indexes:  [Date] [Thread] [Top] [All Lists]