Is your network invincible?
80 - 90% of most hacking is
done internally. Intrusion Detection Devices are
performing frame inspection looking for hack signatures. Frames don’t lie! Use
your analyzer to look for hack signatures with filters.
For more information on keeping your network
secure, check out the following:
May the frames be with you!
Hack Signature and Virus Filters for Observer:
Bug Bear Virus - Offset 80 - Pattern = 5C 57 49
and Offset 89 - Pattern = 4E 4F 54
Lovesan Virus - Offset 34 - Pattern = 00 87, 11 5C, 02 C3
SQL Slammer Worm - Offset 34 - Pattern= 05 9A
Back Orifice - Offset 34 or 36 - Pattern = 7A 69
Check out the Network Instruments Support Page for more filters!
www.networkinstruments.com/support
 |
| |
|
|
|
| |
|
|
|
|
.gif){kind=small}
.gif){kind=small}
