[Dshield] Mpack Snort Sigs?

Brian Varine brian.varine at us.army.mil
Tue Jun 19 00:33:41 GMT 2007

There was a pretty good write up in todays handlers diary about Mpack. Has 
anyone written good Snort sigs for this exploit? So far we've put one in to 
flag any downloads of o7.php, any other successful sigs?


More information about the list mailing list