The folks at Sourcefire have done the analyst community a great service by posting traffic captures of CME-24, aka "BlackWorm". Kudos also to the Common Malware Enumeration project for providing an easy way to reference malware! Once OpenPacket.org gets going, I hope to host these sorts of captures there.
Update: Check out this Sourcefire VRT analysis.
Jumat, 27 Januari 2006
Snort.org Posts BlackWorm Packet Captures
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar