[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Interestingly enough...
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Interestingly enough...
- From: Jan Reister <Jan.Reister@xxxxxxxx>
- Date: Tue, 07 Nov 2006 09:44:07 +0100
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Tue, 07 Nov 2006 03:44:06 -0500
- In-reply-to: <20061030.185511.717.853601@webmail53.lax.untd.com>
- References: <20061030.185511.717.853601@webmail53.lax.untd.com>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 1.5.0.7 (X11/20060927)
On 31/10/2006 03:53, Fergie wrote:
> I found it interesting that Cisco added this their most recent IDS
> signatures:
Bleedingsnort has the following signatures:
2001728 || BLEEDING-EDGE POLICY TOR 1.0 Client Circuit Traffic ||
url,tor.eff.org
2002950 || BLEEDING-EDGE POLICY TOR 1.0 Server Key Retrival ||
url,tor.eff.org
2002951 || BLEEDING-EDGE POLICY TOR 1.0 Status Update || url,tor.eff.org
2002952 || BLEEDING-EDGE POLICY TOR 1.0 Inbound Circuit Traffic ||
url,tor.eff.org
2002953 || BLEEDING-EDGE POLICY TOR 1.0 Outbound Circuit Traffic ||
url,tor.eff.org
see: http://www.bleedingthreats.net/bleeding-sid-msg-map.txt
Enterasys Dragon has a TOR:NEGOTIATION rule in the MISUSE category.
My two eurocent.
Jan