From http://www.mcabee.org/lists/snort-users/Sep-02/msg00099.html >>AFAIK these are typical of command packets attempting to discover if the >>machine targeted has the "Q" backdoor/trojan. OR : http://www.whitehats.com/cgi/arachNIDS/Show?_id=ids202&view=research Regards, Thierry http://www.sniff-em.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jan 26 2003 - 20:04:23 PST