[Emerging-Sigs] Shell command output outbound

Packet Hack pckthck at gmail.com
Fri Sep 26 10:47:56 EDT 2014


Are there sigs for outbound shell command outputs, like the output of
/usr/bin/id
or uname flying out port 80? Might help catching systems vulnerable to
Shellshock
and other exploits.

--pckthck
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140926/0777bfa0/attachment-0001.html>


More information about the Emerging-sigs mailing list