EmergingThreats> Main Web>2003594 (revision 1)EditAttach

alert tcp any any -> any 1024: (msg:"BLEEDING-EDGE CURRENT EVENTS DNS RPC Exploit big endian (specific to Metasploit Module)"; flow:to_server,established; flowbits:isset,BE.ms.dns.rpc; content:"|05|"; depth:1; content:"|00|"; distance:3; within:1; content:"|00 01|"; distance:17; within:2; reference:url,doc.bleedingthreats.net/bin/view/Main/MSRpcDns; sid:2003594;)

Added 2007-04-17 19:30:22 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-04-17 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats