-
March 3rd, 2004, 09:28 PM
#1
Senior Member
SQL worm propagation ?
i found a IDS alert telling me that someone tries to propagate a sql worm.
it's coming from a nonexisting LAN ip.
so my question :
should i switch off this rule?
i'm not running any sql server.
or should i have a look for where it comes from ?
how can i?
(for information: i'm running w2k behind a firewall/gateway server using clarkconnect 2.1 with snort installed)
thx
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|