1293.txt

来自「snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具」· 文本代码 · 共 67 行

TXT

67 行

Rule: --Sid:1293--Summary: This event is generated when traffic indicating Nimda worm activity isdetected.--Impact:Possible infection by the Nimda virus.--Detailed Information:Nimda spreads by file infection, mass emailer, file share, or IIS unicode exploit to attack unpatched systems.--Affected Systems:	Windows 95	Windows 98	Windows ME	Windows 2000--Attack Scenarios:An unpatched server is connected to the internet and is infected oran infected email is opened. Once infected the worm spreads itself.--Ease of Attack:Simple--False Positives:None known--False Negatives:None known--Corrective Action:Check the suspect host for signs of infection. Apply patches or upgrade the operating system--Contributors:Snort documentation contributed by Timothy VienneauSourcefire Research TeamBrian Caswell <bmc@sourcefire.com>Nigel Houghton <nigel.houghton@sourcefire.com>-- Additional References:Microsoft:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/topics/virus/nimda.aspF-Secure:http://www.f-secure.com/v-descs/nimda.shtml--

1293.txt - 源码说明

本页面展示了「snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具」中的 1293.txt 源码文件，采用文本编程语言编写，共 67 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与snort相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?