[Dshield] Snort rule for MSBlast? Does one exist?

Johannes Ullrich jullrich at euclidian.com
Tue Aug 12 23:00:07 GMT 2003

The existing RPC DCOM signatures will work just fine for it.

On Tue, 2003-08-12 at 17:07, John D. wrote:
> Does anyone know if a snort rule exists for the MSBlast virus?   or any kind of signature I should look for?
> John
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net

More information about the list mailing list