Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC: Snort rule update SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Snort rule update
Sourcefire's VRT has published rules to catch attacks targeting the following vulnerabilities:

Microsoft Security Bulletin MS06-054 Microsoft Publisher
Microsoft Security Bulletin MS06-053 Microsoft Indexing Service
Microsoft Security Bulletin MS06-008 Microsoft Web Client Service (Webdav)
Microsoft Security Bulletin MS06-007 The Microsoft Windows Operating system suffers from a Denial of Service (DoS) condition that is present when handling malformed IGMPv3 data

Also Snort 2.6.0.2 was published today that includes a new DNS preprocessor that will catch:
Microsoft Security Bulletin MS06-041 The Microsoft Windows DNS Client

Get your fresh Snort rule updates here.  For complete information about the rule pack, please go here.  Finally, to download Snort 2.6.0.2, go here.

Update #1
-------------------------------------------------------------------------------------------
Joel Esler, from 35,000ft in the air, has added a note to this story, and that is...

The above listed rules, available from Sourcefire, are subscription only at this time.  After a period of time they will be available to the public, for free.

For Joel Esler,

Tony Carothers
Handler on Duty

Joel

454 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!