Hi,
since some days we see "tcp-hijacking_tool" events in our environment. In the
details I can see that the tools are of type "Juggernaut" and one was of type
"Spoofit".
Now we would like to find out if these are false positives or if there are real
hijacking attempts. Has someone experiences with this event and can tell me how
to go on in analysis? what do we have to check?
Thanks for help
Daniel
---------------------------------
Gesendet von Yahoo! Mail - Jetzt mit 1GB kostenlosem Speicher
_______________________________________________
ISSForum mailing list
[email protected]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to [EMAIL PROTECTED]
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
