BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

first time snort

Subject: first time snort
From: nmeyers at javalinux.net (nmeyers at javalinux.net)
Date: Fri Sep 10 10:39:00 2004
In-reply-to: <20040910141021.88142.qmail@web61208.mail.yahoo.com>
References: <20040910141021.88142.qmail@web61208.mail.yahoo.com>

On Fri, Sep 10, 2004 at 07:10:21AM -0700, Eric wrote:
> I just turned on snort for the first time.  It's so
> cool...  Within fifteen minutes I got something to
> see.
> 
> Log
> Date:	09/10 04:46:01 	Name:	WEB-IIS ISAPI .ida attempt
> Priority:	1 	Type:	Web Application Attack...
> 
> New stuff to check out!  But why would someone do
> that?  I'm obviously not using windows...  Is this
> automated?  And do you guys see this stuff constantly?

All the time. These worms aren't discriminating - you're listening at
port 80, so you're fair game.

Nathan

References:
- first time snort
  - From: eric235u at yahoo.com (Eric)

Prev by Date: first time snort
Next by Date: first time snort
Previous by thread: first time snort
Next by thread: first time snort
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org