Here http://marc.theaimsgroup.com/?l=snort-sigs&m=103401931132259&w=2 seems to be a full capture, and here there's lot of info (i. e. signatures): http://marc.theaimsgroup.com/?l=snort-sigs&w=2&r=1&s=bugbear&q=b
Maybe googling for +snort +bugbear will give you some direct packet-level signature to look for... Cristian. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Thorne Sent: Friday, February 06, 2004 9:40 To: [EMAIL PROTECTED] Subject: [Ethereal-users] Identifying Bugbear packets. Hi, a old sore has come back on a small part of the Network, I want to deploy ethereal to trace the rouge pc generating the traffic but i could do with knowing what filter to set for Bugbear, could anyone advise what to configure ? I've tried looking for packet examples but haven't found any. Regards Mark ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. Please contact [EMAIL PROTECTED] with any queries. _______________________________________________ Ethereal-users mailing list [EMAIL PROTECTED] http://www.ethereal.com/mailman/listinfo/ethereal-users
