rules time stamp 131024 is 348194 s in the future tar rulesweb

Rules time stamp 131024 is 348194 s in the future tar

This preview shows page 48 - 51 out of 55 pages.

tar: rules/web-cgi.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/web-attacks.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/virus.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/tftp.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/telnet.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/sql.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/smtp.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/shellcode.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/scan.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future
Image of page 48
Automatically Updating Snort Rules 123 tar: rules/rservices.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/rpc.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/porn.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/policy.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/netbios.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/misc.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/local.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/info.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/icmp.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/icmp-info.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/ftp.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/finger.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/exploit.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/dos.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/dns.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/ddos.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/bad-traffic.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/backdoor.rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules/snort.conf: time stamp 2002-07-14 13:10:24 is 348194 s in the future tar: rules: time stamp 2002-07-14 13:10:24 is 348194 s in the future done. Disabling rules according to ./oinkmaster.conf... 0 rules disabled. Comparing new files to the old ones... done. [***] Results from Oinkmaster started Wed Jul 10 12:25:37 2002 [***] [*] Rules added/removed/modified: [*] [+++] Added: [+++] -> File "tftp.rules": alert udp any any -> any 69 (msg:"TFTP GET shadow"; content: "|0001|"; offset:0; depth:2; content:"shadow"; nocase; classtype:successful-admin; sid:1442; rev:1;) alert udp any any -> any 69 (msg:"TFTP GET passwd"; content: "|0001|"; offset:0; depth:2; content:"passwd"; nocase; classtype:successful-admin; sid:1443; rev:1;) alert udp $EXTERNAL_NET any -> $HOME_NET 69 (msg:"TFTP parent directory"; content:".."; reference:arachnids,137; reference:cve,CVE-1999-0183; classtype:bad-unknown; sid:519; rev:1;) [///] Modified active: [///] -> File "tftp.rules":
Image of page 49
124 Chapter 3 Working with Snort Rules Old: alert udp $EXTERNAL_NET any -> $HOME_NET 64 (msg:"TFTP Put"; content:"|00 02|"; offset:0; depth:2; reference:cve,CVE-1999-0183; reference:arachnids,148; classtype:bad-unknown; sid:518; rev:3;) New: alert udp $EXTERNAL_NET any -> $HOME_NET 69 (msg:"TFTP Put"; content:"|00 02|"; offset:0; depth:2; reference:cve,CVE-1999-0183; reference:arachnids,148; classtype:bad-unknown; sid:518; rev:3;) [*] Non-rule lines added/removed: [*] None.
Image of page 50
Image of page 51

You've reached the end of your free preview.

Want to read all 55 pages?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture