[Dshield] Snort rule for MSBlast? Does one exist?

Johannes Ullrich jullrich at euclidian.com
Tue Aug 12 23:00:07 GMT 2003


The existing RPC DCOM signatures will work just fine for it.


On Tue, 2003-08-12 at 17:07, John D. wrote:
> Does anyone know if a snort rule exists for the MSBlast virus?   or any kind of signature I should look for?
> 
> John
> 
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
-- 
--------------------------------------------------------------
Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
--------------------------------------------------------------
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net
--------------------------------------------------------------





More information about the list mailing list