Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-sigs] Crusoe Researches offer new rule for detecting MacOS VP

from [Matt Jonkman] Network Security [Permanent Link]
Subject: Re: [Snort-sigs] Crusoe Researches offer new rule for detecting MacOS VPNd DoS
Date: Fri, 07 Dec 2007 15:19:49 -0500 
You are reselling the bleeding sigs, and VRT and community?

Are you aware that is not legal for sigs other than the bleeding sigs?

And who the hell is retarded enough to buy free sigs?

Matt

rmkml wrote:

yeah thx Colin for publishing rules ...
If you have variations please post change or shut...
Why ? Why SourceFire not publishing rules ?
(same reply!)
Many company resales rules (bleeding,community,vrt60day) without any reply!
Happy Snorting
Rmkml
Crusoe Researches



On Fri, 7 Dec 2007, Colin Grady wrote:


Date: Fri, 7 Dec 2007 08:31:53 -0600
From: Colin Grady <colin.grady@gmail.com>
To: snort-sigs@lists.sourceforge.net
Subject: Re: [Snort-sigs] Crusoe Researches offer new rule for detecting 
MacOS
     VPNd DoS

Excuse me... I said variations of the vulnerability. I meant variations of
the exploit.

Apologies,
Colin


On Dec 7, 2007 8:30 AM, Colin Grady <colin.grady@gmail.com> wrote:


Based on the conversations, it doesn't sound like anyone really cares, but
they had a link to the rule in the "latest news" portion of the web site:

   http://www.crusoe-researches.com/en/macosvpnddos.txt

Looks perhaps a little too specific, leaving room for variations of the
vulnerability to go undetected.

Enjoy,
Colin



On Dec 7, 2007 7:33 AM, M. Shirk <shirkdog_list@hotmail.com> wrote:


There is a reason your signatures stopped being included in the
community set.

Talk amongst yourselves.

Shirkdog
' or 1=1--
http://www.shirkdog.us

------------------------------

Date: Fri, 7 Dec 2007 07:56:49 -0500
From: jonkman@jonkmans.com
To: rmkml@free.fr
CC: Dave.Ellingsberg@csu.mnscu.edu; contact@Crusoe-Researches.com;

Snort-sigs@lists.sourceforge.net


Subject: Re: [Snort-sigs] Crusoe Researches offer new rule for

detecting MacOS VPNd DoS

Why?

rmkml wrote:

Simply because my company need contact before sending rules.
Rmkml


On Thu, 6 Dec 2007, Dave Ellingsberg wrote:


Date: Thu, 06 Dec 2007 19:08:37 -0600
From: Dave Ellingsberg <Dave.Ellingsberg@csu.mnscu.edu>
To: rmkml < rmkml@free.fr>, Snort-sigs@lists.sourceforge.net
Cc: contact@Crusoe-Researches.com
Subject: Re: [Snort-sigs] Crusoe Researches offer new rule for

detecting MacOS

VPNd DoS

why do you not just post your rule?


rmkml <rmkml@free.fr> 12/06/07 9:18 AM >>>

Hi,

Crusoe Researches offering a new rule for detecting MacOS VPNd DoS,
if You are interested, simply send me a email, and we reply with

http url contains this rules !

Credits:
Crusoe Researches
http://www.Crusoe- Researches.com
contact@Crusoe- Researches.com
=> Crusoe Researches have more than 2518 UNIQ 'snort' rules for

Commercial Access

(Contact me directly if you are interested)

Azwalaro French new nidps open source project
http://www.Crusoe- Researches.com/azwalaro/
azwalaro@Crusoe- Researches.com

Regards
Rmkml



-------------------------------------------------------------------------

SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort- sigs mailing list
Snort- sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort- sigs






-------------------------------------------------------------------------

SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

--
--------------------------------------------
Matthew Jonkman
Emerging Threats
US Phone 765-429-0398
US Fax 312-264-0205
AUS Phone 61-42-4157-491
AUS Fax 61-29-4750-026
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc





-------------------------------------------------------------------------

SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

------------------------------
Connect and share in new ways with Windows Live. Connect 
now!<http://www.windowslive.com/connect.html?ocid=TXT_TAGLM_Wave2_newways_112007>


-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs




-------------------------------------------------------------------------
SF.Net email is sponsored by: 
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs


-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
US Phone 765-429-0398
US Fax 312-264-0205
AUS Phone 61-42-4157-491
AUS Fax 61-29-4750-026
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc



-------------------------------------------------------------------------
SF.Net email is sponsored by: 
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-sigs] Crusoe Researches offer new rule for detecting MacOS VPNd DoS, rmkml
Next by Date:  [Snort-sigs] Bleeding Edge Threats Weekly Signature Changes, bleeding
Previous by Thread:  Re: [Snort-sigs] Crusoe Researches offer new rule for detecting MacOS VPNd DoS, rmkml
Next by Thread:  Re: [Snort-sigs] Crusoe Researches offer new rule for detecting MacOS VPNd DoS, rmkml
Indexes:  [Date] [Thread] [Top] [All Lists]