Hi Art,
Have you considered using Bro for ShellShock detection? It looks for
not only attempts, but successful exploitation:
http://blog.securityonion.net/2014/10/new-securityonion-bro-scripts-and.html
On Sat, Oct 25, 2014 at 11:03 AM, Art Mandler wrote:
> Hey folks -- Did anyone ever come up w
Thanks. I'll take a look at it. I'm pretty sure I have shellshock
patched, but I'm still seeing some files placed in my /tmp and /dev/shm
directories (although harmlessly as I've mounted them both noexec). I have
over 100 domains with php on my server, so obviously something is
compromised, but
On 10/25/2014 10:03 AM, Art Mandler wrote:
> Hey folks -- Did anyone ever come up with a working solution for 2.8?
Does the rule I posted not work for you?
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and s
Dear Antonio,
Thanks for the reply. The error appeared when compiling. The error specifically
says that winsock2.h should be used instead of ws2tcpip.h. As I understand it
the preferred way to build the windows agent is on Linux so I guess that is the
way to go.
Best wishes
Colin
-Ori