Interestingly enough...
Jan Reister
Jan.Reister at unimi.it
Tue Nov 7 08:44:07 UTC 2006
On 31/10/2006 03:53, Fergie wrote:
> I found it interesting that Cisco added this their most recent IDS
> signatures:
Bleedingsnort has the following signatures:
2001728 || BLEEDING-EDGE POLICY TOR 1.0 Client Circuit Traffic ||
url,tor.eff.org
2002950 || BLEEDING-EDGE POLICY TOR 1.0 Server Key Retrival ||
url,tor.eff.org
2002951 || BLEEDING-EDGE POLICY TOR 1.0 Status Update || url,tor.eff.org
2002952 || BLEEDING-EDGE POLICY TOR 1.0 Inbound Circuit Traffic ||
url,tor.eff.org
2002953 || BLEEDING-EDGE POLICY TOR 1.0 Outbound Circuit Traffic ||
url,tor.eff.org
see: http://www.bleedingthreats.net/bleeding-sid-msg-map.txt
Enterasys Dragon has a TOR:NEGOTIATION rule in the MISUSE category.
My two eurocent.
Jan
More information about the tor-talk
mailing list