Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Snort rule update - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Snort rule update
Sourcefire's VRT has published rules to catch attacks targeting the following vulnerabilities:

Microsoft Security Bulletin MS06-054 Microsoft Publisher
Microsoft Security Bulletin MS06-053 Microsoft Indexing Service
Microsoft Security Bulletin MS06-008 Microsoft Web Client Service (Webdav)
Microsoft Security Bulletin MS06-007 The Microsoft Windows Operating system suffers from a Denial of Service (DoS) condition that is present when handling malformed IGMPv3 data

Also Snort was published today that includes a new DNS preprocessor that will catch:
Microsoft Security Bulletin MS06-041 The Microsoft Windows DNS Client

Get your fresh Snort rule updates here.  For complete information about the rule pack, please go here.  Finally, to download Snort, go here.

Update #1
Joel Esler, from 35,000ft in the air, has added a note to this story, and that is...

The above listed rules, available from Sourcefire, are subscription only at this time.  After a period of time they will be available to the public, for free.

For Joel Esler,

Tony Carothers
Handler on Duty


454 Posts
Sep 15th 2006

Sign Up for Free or Log In to start participating in the conversation!