Here http://marc.theaimsgroup.com/?l=snort-sigs&m=103401931132259&w=2
seems to be a full capture, and here there's lot of info (i. e.
signatures):
http://marc.theaimsgroup.com/?l=snort-sigs&w=2&r=1&s=bugbear&q=b
Maybe googling for +snort +bugbear will give you some direct
packet-level signature to look for...
Cristian.
-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Mark Thorne
Sent: Friday, February 06, 2004 9:40
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users] Identifying Bugbear packets.
Hi, a old sore has come back on a small part of the Network, I want to
deploy ethereal to trace the rouge pc generating the traffic but i could
do with knowing what filter to set for Bugbear, could anyone advise what
to configure ? I've tried looking for packet examples but haven't found
any.
Regards
Mark
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept
for the presence of computer viruses.
Please contact internet.administrators@xxxxxxxxxxxxxxxxxxxxxxx
with any queries.