root login with telnetd
Wojciech Puchar
wojtek at tensor.gdynia.pl
Sun Mar 11 07:41:28 UTC 2007
> alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"TELNET root login";
> flow
> :from_server,established; content:"login|3A| root";
> classtype:suspicious-login;
> sid:719; rev:7;)
>
could you please tell me who will be snorting it on MY network?
> Of course, if you really want to do this, I agree with everyone else -- just
> put your IP on this list, and we'll help you right on out. :-)
>
just answer my question, you VIM (very intelligent man).
More information about the freebsd-questions
mailing list