Skip to content
Browse files

added Snort sig tests for MS SQL Server communication attempt

  • Loading branch information...
1 parent 87a8f3f commit 43548225246f3cbb2ae910899f419af22b345a31 @mrash committed Mar 24, 2012
Showing with 3 additions and 0 deletions.
  1. +1 −0 test/scans/iptables/ipv6_ms_sql_server_sig_match
  2. +2 −0 test/scans/iptables/ms_sql_server_sig_match
View
1 test/scans/iptables/ipv6_ms_sql_server_sig_match
@@ -0,0 +1 @@
+ipv6_tcp_connect_nmap_default_scan:Mar 17 13:39:13 linux kernel: [956932.522957] DROP IN=eth0 OUT= MAC=00:13:46:3a:41:36:00:1b:b9:76:9c:e4:86:dd SRC=2001:0db8:0000:f101:0000:0000:0000:0002 DST=2001:0db8:0000:f101:0000:0000:0000:0001 LEN=80 TC=0 HOPLIMIT=64 FLOWLBL=0 PROTO=TCP SPT=51397 DPT=1433 WINDOW=5760 RES=0x00 SYN URGP=0
View
2 test/scans/iptables/ms_sql_server_sig_match
@@ -0,0 +1,2 @@
+Mar 11 20:35:14 linux kernel: [463493.257294] DROP IN=eth1 OUT= MAC=23:87:fc:c6:24:58:00:21:3f:98:99:78:09:00 SRC=192.168.10.55 DST=192.168.10.1 LEN=44 TOS=0x00 PREC=0x00 TTL=39 ID=54575 PROTO=TCP SPT=56247 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 OPT (020405B4)
+Mar 11 20:35:15 linux kernel: [463494.258326] DROP IN=eth1 OUT= MAC=23:87:fc:c6:24:58:00:21:3f:98:99:78:09:00 SRC=192.168.10.55 DST=192.168.10.1 LEN=44 TOS=0x00 PREC=0x00 TTL=43 ID=10710 PROTO=TCP SPT=56248 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 OPT (020405B4)

0 comments on commit 4354822

Please sign in to comment.
Something went wrong with that request. Please try again.