No, really nothing, maybe if i analyse the ids signature of a snort rules
- For the logs and writing, it depends...
there so much attack in a POST request.
Do you try ossec on with mod_dumpost ?
- Mail original -
De: gr...@castraconsulting.com
À: ossec-list@googlegroups.com
Cc: secucatc
I have not seen a log in the wild that would let me write a rule for this
Any luck on your end?
On Thursday, November 20, 2014 5:07:31 AM UTC-5, secuc...@free.fr wrote:
>
> hi
> does someone has rule for MS14-066 ?
> https://technet.microsoft.com/en-us/library/security/ms14-066.aspx
> or maybe