Network Security: Detailed info on [Snort-users] MS-SQL Probe when listening to streaming radio! ???

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Snort-Users

[Top] [All Lists]

[Snort-users] MS-SQL Probe when listening to streaming radio! ???

from [Jeffery Gunter] Network Security

[Permanent Link]

Subject:	[Snort-users] MS-SQL Probe when listening to streaming radio! ???
Date:	Wed, 29 Mar 2006 08:53:46 -0500

Hi Folks; 

I'm quite new to snort.  I have a user using Win Media Player to listen
to streaming radio from WIMZ out of Knoxville, TN. My issue is that it
is causing snort to go crazy. I've received over 100 of the following
messages: 

IDS:S=snort:ID=1:[1:2329:6] MS-SQL probe response overflow attempt
[Classification: Attempted User Privilege Gain] [Priority: 1]: {UDP}
66.250.188.37:2267 -> 10.88.220.65:1215 

My user's ip is 65 and when I had her stop accessing the stream the
messages stopped? What is up with this? I have no SQL services running
on her computer? 

Thanks for your help!

:-)

Jeffery Gunter  |  Chief Information Officer  |  Citizens Bank of East
Tennessee  |  http://www.cbetn.com <BLOCKED::http://www.cbetn.com/> 

email:  jgunter@cbetn.com <BLOCKED::mailto:jgunter@cbetn.com> 

Land:  423-272-2200  x17

Cell:  423-754-5157

Fax:  423-272-2322

 



This e-mail was scanned for viruses.

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-users] MS-SQL Probe when listening to streaming radio! ???, Jeffery Gunter <= Re: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Paul Schmehl Re: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Andrew RE: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Briggs, Bruce Re: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Joel Esler

Previous by Date:	Re: [Snort-users] Update on Sourcefire Acquisition, Randal T. Rioux
Next by Date:	RE: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Briggs, Bruce
Previous by Thread:	[Snort-users] Frag3 prealloc_frags question, Gentoo-Wally
Next by Thread:	Re: [Snort-users] MS-SQL Probe when listening to streaming radio! ???, Paul Schmehl
Indexes:	[Date] [Thread] [Top] [All Lists]