Wireshark · Ethereal-users: Re: [Ethereal-users] Identifying Bugbear packets.

Ethereal-users: Re: [Ethereal-users] Identifying Bugbear packets.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Fri, 6 Feb 2004 12:30:17 -0800


On Feb 6, 2004, at 3:03 AM, Bergweiler, Christian (ATS Amsterdam) wrote:

Here http://marc.theaimsgroup.com/?l=snort-sigs&m=103401931132259&w=2
seems to be a full capture, and here there's lot of info (i. e.
signatures):
http://marc.theaimsgroup.com/?l=snort-sigs&w=2&r=1&s=bugbear&q=b

Maybe googling for +snort +bugbear will give you some direct
packet-level signature to look for...


And googling just for "snort" would show you

	http://www.snort.org/

which is the home page for a program that might be a better tool fordetecting viruses and other network intrusions than is Ethereal (asSnort was designed to be an intrusion detector that runs in thebackground, while Ethereal was designed to be a network analyzer to lethumans look at captures).


Another free-software IDS is Prelude:

	http://www.prelude-ids.org/

References:
- RE: [Ethereal-users] Identifying Bugbear packets.
  - From: Bergweiler, Christian (ATS Amsterdam)

Prev by Date: Re: [Ethereal-users] Custom data display-ers
Next by Date: [Ethereal-users] installation problems -> routine failure
Previous by thread: RE: [Ethereal-users] Identifying Bugbear packets.
Next by thread: [Ethereal-users] Can i save acp files as dmp files?
Index(es):
- Date
- Thread