[Dshield] Need help with this pattern

Jay Wren JRWren at advnetworks.com
Thu Oct 25 19:44:37 GMT 2001


Neither did my MS Outlook FYI...

mailing executable or unrelated attachments to a mail list is bad etiquete.
Put those snort logs in a nice ascii text file format and try again.

-Jay R. Wren

-----Original Message-----
From: Clint Byrum [mailto:cbyrum at erp.com]
Sent: Thursday, October 25, 2001 1:12 PM
To: dshield at dshield.org
Subject: Re: [Dshield] Need help with this pattern


Any way you can paste that info in a more internet-friendly manner? My 
mozilla mail running on Linux has no clue what an OLE_Obj is.

Chan, Stephen (TIS, Singapore) wrote:

>Hi people, this is an excerpt of a Snort log I have placed outside my
>firewall. 
>
> <<...OLE_Obj...>> 
>
>It seems to be a bunch of spoofed source IP hitting my IDS host
>(aa.bb.cc.dd). The actual trace runs over 3 days! with similar patterns.
Has
>anyone else seen anything like this? Or do you need more information?
>
>
>_______________________________________________
>Dshield mailing list
>Dshield at dshield.org
>To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield
>


_______________________________________________
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield




More information about the list mailing list