Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello All,
New to sourcefire and an having an issue and could use some help. Have been getting emails all morning about intrusions and have not been able to track them down or get any info on them.
I think they are being blocked ( dropped) but want...
hello jetsy,
It appears that there is a new rule set that went into effect 6/30 with this rule enabled.
1:39380 <-> ENABLED <-> SERVER-OTHER Symantec MIME parser updateheader heap overflow attempt (server-other.rules)
Not sure where its picking up t...
hello Yogesh,
Thanks for your quick reply. I did manage to find the info on the packets being sent in the console under the analysis tab. Determined it was an email going to our help desk from a known source.
I do have a couple of questions still....
