[Dshield] Use of TCP Reset attack tool against our customers being detected

Eric Hines eric.hines at appliedwatch.com
Mon Apr 26 18:05:47 GMT 2004


All:

Some of our customers are reporting use of the TCP Reset attack tool
against their networks. One large federal agency is suspecting worm
activity based on this exploit. Has anyone heard of a worm being made
for this exploit or know if Snort signatures exist yet? We're currently
trying to make some ourselves.


BRDS,

Eric Hines, GCIA
CEO, President, Chairman
Applied Watch Technologies, Inc.
http://www.appliedwatch.com
Direct: (877) 262-7593 x327
Fax: (877) 262-7593
 




More information about the list mailing list