Bleeding Snort caution

Monday, July 31st, 2006

For those of you that aren’t aware…. Bleeding Snort is a collection of “bleeding edge” snort signatures. Snort is an intrusion detection framework. This note is by way of SARC that the domain is now no longer under their control. is and continues to be their official domain. Unfortunately it appears as though [...]

Linux network worm…

Monday, November 7th, 2005

There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t [...]

Zotob updates

Monday, August 15th, 2005

A couple of late afternoon updates at the handlers diary at (sans institute). For starters, it looks like there may be a variation of zotob that has a mass mailer included. I didn’t specifically see this in SARC’s writeups of zotob.a or zotob.b, so, I’m wondering if this is going to be a .c? [...]


Switch to our mobile site