Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Crusoe Researches offer new rule for detecting last NTP mode (7) private request

From: rmkml <rmkml () free fr>
Date: Thu, 10 Dec 2009 06:33:27 +0100 (CET)
Hi,

Crusoe Researches offering a new rule for detecting last NTP mode (7) private request:
   http://www.Crusoe-Researches.com/en/ntprequestmode7privateuse.txt
remember to adjust the src/dst ips/ports variables!

Credits:
Crusoe Researches
http://www.Crusoe-Researches.com
contact () Crusoe-Researches com
=> Crusoe Researches have more than 4325 UNIQ 'snort' rules for Commercial Access
              (Contact me directly if you are interested)

Crusoe Researches support Bro idps v1.5.0prerelease project format rules (http://www.bro-ids.org/):
Without specific signature, bro detect malformed (truncated) ntp request!

Azwalaro new nidps open source project (WireShark based)
   http://www.Crusoe-Researches.com/azwalaro/
   azwalaro () Crusoe-Researches com
ntppriv.flags.r == 0 and (ntp.flags.vn >= 1 or ntp.flags.vn <= 4)

Happy Detect
Regards
Rmkml
Crusoe-Researches.com

------------------------------------------------------------------------------
Return on Information:
Google Enterprise Search pays you back
Get the facts.
http://p.sf.net/sfu/google-dev2dev
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Previous By Date Next
Previous By Thread Next

Current thread: