New Directives

February 3, 2009 | Jaime Blasco
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

I’ve just update the public CVS with some new directives as part of the effort we are doing to improve the upcoming installer:

Attacks:

  • Possible Successful Attack: Reverse Shell Access to the System
  • Possible POP3 Bruteforce against SRC_IP
  • Possible FTP Bruteforce against SRC_IP
  • Command execution against webserver on DST_IP
  • File /etc/passwd access on DST_IP
  • Possible SQL injection attempt against DST_IP
  • Possible attack against DST_IP (Symantec Remote Management RTVScan Exploit)
  • Possible sa account bruteforce against SRC_IP (SQL Server)
  • Possible VNC bruteforce against SRC_IP
  • Possible attack against DST_IP (Microsoft Server Service related attack)
  • Too many Cisco Firewall dropped events with destination DST_IP
  • Worms:

  • Possible Worm Infection against DST_IP
  • Possible Worm Infection against DST_IP via DCOM RPC vulnerability
  • Possible Worm Infection against DST_IP via Kill-Bill ASN1 vulnerability
  • Possible Worm Infection against DST_IP via Lsasrv.dll RPC vulnerability
  • Possible Worm Infection against DST_IP via WINS vulnerability
  • Possible attack against DST_IP (Microsoft Server Service related attack)
  • Possible worm scanning behavior on port DST_PORT
  • Misc:

  • Username gathering at SMTP server DST_IP
  • Jaime Blasco

    About the Author: Jaime Blasco
    Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AlienVault, Jaime leads the Lab Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AlienVault he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.
    Read more posts from Jaime Blasco ›

    ‹ BACK TO ALL BLOGS

    Watch a Demo ›
    GET PRICE FREE TRIAL