Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Full-Disclosure] Snort and SourceFire Compromised

From: Brian <bmc () snort org>
Date: Sun, 21 Sep 2003 05:08:15 -0400
On Sat, Sep 20, 2003 at 10:46:14PM -0700, joeypork () hushmail com wrote:

Hey, has anyone else seen this:

http://www.phrack.nl/phrack62/p62-0x0d.txt

It looks like the PHC folks are at it again, the above is an article
on "sneeze", a new script that will generate traffic to trigger on every
snort rule. 

Also, appended to the end of the article is the home dirs of everyone
at Sourcefire/Snort. You can see what is in Marty's directory, etc. Go
check it out. 


Yes, this was a LONG time ago.  Note that ALL of the date timestamps are 
dashed out.  Gee, I wonder why.  As well as normal incident response,
the entire snort team did a major audit of snort at that time for anything 
injected.

BTW, for those of you wanting the original sneeze, its still available 
online at http://snort.sourceforge.net/sneeze-1.0.tar 

-brian


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: