Wireshark · Ethereal-users: [Ethereal-users] Repository of capture strings?

Ethereal-users: [Ethereal-users] Repository of capture strings?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Roger Smith <rogers@xxxxxxxx>

Date: Fri, 05 Mar 2004 10:16:54 -0800

I am new to the list and Ethereal. However it is very helpful to find outabusers of our network.

I am wondering if there is a repository of capture strings for the variousvirii/worm exploits that are prevalent? Capture strings like the one thatI found for the blaster worm:


dst port 135 and tcp port 135 and ip[2:2]==48

I think this would be very helpful to sniff out infected systems. It wouldbe nice to have a web site or some other reference that lists these aspeople find capture strings that are useful.


Thanks!


Roger Smith                       | Opinions are my own.
Application Manager               | Reunited Adoptee
Tulare County Office of Education | Owner of CA Adoptees Mailing List
559-733-6027   FAX 559-625-9581   | Moderator of soc.adoption.adoptees

Prev by Date: [Ethereal-users] Network type 99
Next by Date: [Ethereal-users] Ethereal The Best
Previous by thread: Re: [Ethereal-users] Network type 99
Next by thread: [Ethereal-users] Ethereal The Best
Index(es):
- Date
- Thread