View Latest Revision

signatures

Legend:

: Added
: Modified
: Copied or renamed

	Rev	Chgset	Date	Author	Log Message
(edit)	@2129	[2129]	12/11/07 23:56:10	mbr	signature update to require 404-byte IP packets for the Slammer worm
(edit)	@2071	[2071]	06/16/07 21:08:35	mbr	minor msg field typo fix for the 'MISC Microsoft PPTP communication …
(edit)	@1856	[1856]	12/18/06 19:41:25	mbr	comment updates to document psad extensions of Snort rules
(edit)	@1824	[1824]	12/11/06 22:26:40	mbr	added Nachi worm reconnaisannce icmp signature
(edit)	@1765	[1765]	12/05/06 21:26:59	mbr	added Slammer sig
(edit)	@1760	[1760]	12/04/06 15:00:17	mbr	removed sid value since the Subseven sig is not derived from Snort
(edit)	@1759	[1759]	12/04/06 14:57:27	mbr	added PSAD-CUSTOM rules section, added Subseven and Kuang2 signatures
(edit)	@1757	[1757]	12/03/06 22:58:41	mbr	restored dsize to >20 since psad itself handles greater TCP header sizes …
(edit)	@1739	[1739]	11/30/06 22:55:43	mbr	added 'MISC Microsoft SQL Server communication attempt'
(edit)	@1735	[1735]	11/29/06 23:52:12	mbr	added 'MISC Radmin Default install options attempt' signature
(edit)	@1734	[1734]	11/29/06 23:48:36	mbr	Added 'MISC Ghostsurf communication attempt' signature
(edit)	@1733	[1733]	11/29/06 23:27:54	mbr	changed classtype to attempted-admin on VNC signature
(edit)	@1732	[1732]	11/29/06 23:26:47	mbr	Added MISC VNC communication attempt
(edit)	@1720	[1720]	11/27/06 22:08:38	mbr	replaced dsize:>20 criteria with psad_dsize:>100 in 'BAD-TRAFFIC data in …
(edit)	@1709	[1709]	11/26/06 13:08:24	mbr	added psad_dsize text
(edit)	@1704	[1704]	11/26/06 02:32:20	mbr	Added psad_id to ipEye sig
(edit)	@1691	[1691]	11/25/06 22:50:21	mbr	added ipopts signatures
(edit)	@1688	[1688]	11/24/06 15:42:45	mbr	added ipEye signature, added 'data in TCP SYN packet' (with dsize:>20 …
(edit)	@1673	[1673]	11/17/06 10:58:45	mbr	added url reference for Windows popup spam attempt signature
(edit)	@1670	[1670]	11/17/06 09:19:36	mbr	added Windows popup spam signature
(edit)	@1667	[1667]	11/16/06 23:09:15	mbr	merged 1648:1666 from the sigdevel branch into the trunk
(add)	@1078	[1078]	06/08/04 21:33:05	mbr	updated pathname

Note: See TracRevisionLog for help on using the revision log.

Download in other formats: