Snort mailing list archives

SHELLCODE Attacks

From: "Naman Latif" <naman.latif () inamed com>
Date: Fri, 5 Dec 2003 12:05:50 -0800

Hi,
I am a newbie to Intrusion Detection and confused that why in the
default Snort.conf file, the following parameter is used

+++++++
# Ports you want to look for SHELLCODE on.
var SHELLCODE_PORTS !80
+++++++

Does that mean that no SHELLCODE attacks exist for port 80 ?

Regards \\ Naman



-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

SHELLCODE Attacks Naman Latif (Dec 05)
- Re: SHELLCODE Attacks Matt Kettler (Dec 05)
  - Re: SHELLCODE Attacks Erwin Van de Velde (Dec 05)
    - Re: SHELLCODE Attacks Matt Kettler (Dec 05)
    - Re: SHELLCODE Attacks Jeff Nathan (Dec 05)
    - Re: SHELLCODE Attacks Matt Kettler (Dec 05)
- <Possible follow-ups>
- RE: SHELLCODE Attacks Naman Latif (Dec 05)
  - Windows 2000 Terminal Snort Issues Jim Robinson (Dec 05)