Also by Shirkdog, our new CA Expert. Willing or not…
alert tcp $EXTERNAL_NET any -> $HOME_NET 2200 (msg:”BLEEDING-EDGE EXPLOIT Computer Associates BrightStor ARCserve Backup for Laptops
LGServer.exe DoS”; flow:established,to_server; content:”|ff ff ff ff|”; offset:16; depth:4; classtype:attempted-dos; reference:url,
www.securityfocus.com/archive/1/archive/1/458650/100/0/threaded; sid:2003379; rev:1;)

Matt

This entry was posted on Saturday, February 3rd, 2007 at 10:35 pm and is filed under General, New Rules. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.