It could be a false negative, or the other sensor could be firing a false positive.
Would you be willing to send me captures of the exploit traffic?
David Means
Internet Security Systems
XForce R&D Software Engineer
Ph: 404-236-2842
-----Original Message-----
From: [EMAIL PROTECTED] On Behalf Of German A Suarez
Nahon
Sent: Tuesday, May 25, 2004 8:52 AM
To: [EMAIL PROTECTED]
Subject: [ISSForum] HTTP_1_1_Chunked_Encoding_Transfer
Importance: High
Hi everyone...
Anybody know this "attack"? We have another IDS services and they can
detec that event. My question is �Why not our Network Sensors?
Saludos....
Germ�n Alberto Su�rez Nah�n
Banco Mercantil CA SACA
Seguridad de la Informaci�n
Phone: 58 212 5030270 / 0026 (Fax)
http://www.bancomercantil.com
mailto:[EMAIL PROTECTED]
_______________________________________________
ISSForum mailing list
[EMAIL PROTECTED]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to [EMAIL PROTECTED]
The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303
Barfield Road, Atlanta, Georgia, USA 30328.
_______________________________________________
ISSForum mailing list
[EMAIL PROTECTED]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to [EMAIL PROTECTED]
The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303
Barfield Road, Atlanta, Georgia, USA 30328.
