No, really nothing, maybe if i analyse the ids signature of a snort rules - For the logs and writing, it depends... there so much attack in a POST request. Do you try ossec on with mod_dumpost ?
----- Mail original ----- De: [email protected] À: [email protected] Cc: [email protected] Envoyé: Mercredi 26 Novembre 2014 15:19:08 Objet: Re: Rules for MS14-066 I have not seen a log in the wild that would let me write a rule for this Any luck on your end? On Thursday, November 20, 2014 5:07:31 AM UTC-5, [email protected] wrote: hi does someone has rule for MS14-066 ? https://technet.microsoft.com/en-us/library/security/ms14-066.aspx or maybe some logs i can work on ? thanks ! -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
