File: 1761.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (56 lines) | stat: -rw-r--r-- 909 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Rule:

--
Sid:
1761

--
Summary:
This event is generated when network traffic indicating the use of an
IDS system on the protected network is detected.

--
Impact:
These tools may be used to compromise data on the network or may
indicate mis-use of other IDS systems.

--
Detailed Information:
This event indicates the use of an IDS tool. The source of the event
should be investigated carefully. These tools may be used to gather data
present in traffic on the protected network.

--
Affected Systems:
	All networks.

--
Attack Scenarios:
An unathorized user could use an IDS to gather data and observe traffic
present on the network.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

--