WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
13 March, 2000
NetProwler 3.0 Security Update 9

Important: This security update is considered obsolete. It has been superceded by Security Update 12.

Download obsolete signatures

Description

NetProwler 3.0 Security Update 9 introduces additional detection signatures for TFN, TFN2K, and Trinoo distributed denial-of-service activity in a 32-bit Windows environment. Additionally, existing signatures for TFN, TFN2K, and Stacheldraht have been strengthened, and in some cases, modified to differentiate between master and daemon.

This update supercedes all signatures in updates 6, 7, and 8.

Updated/New Signatures

  • Stacheldraht_activity_detected
  • Stacheldraht_agent_detected
  • Stacheldraht_handler_detected
  • TFN_activity_detected
  • TFN_daemon_detected_via_command
  • TFN_master_detected_via_command
  • TFN_shell_created
  • TFN2K_activity_detected
  • Trinoo_client_activity_detected
  • Trinoo_daemon_detected_via_HELLO
  • Trinoo_daemon_detected_via_png
  • Trinoo_daemon_detected_via_shi
  • Trinoo_daemon_suspected_due_to_incoming_command
  • Trinoo_master_detected_via_client_activity
  • Trinoo_master_detected_via_command
  • Trinoo_master_detected_via_png
  • Trinoo_master_detected_via_shi
  • Trinoo_master_suspected_due_to_incoming_HELLO

Obsolete Signatures

  • TFN_ack_detected
  • TFN_icmp_command_detected
  • TFN_psize_command_detected
  • TFN_sendsyn_command_detected
  • TFN_sendudp_command_detected
  • TFN_shell_command_detected
  • TFN_shell_detected
  • TFN_smurf_command_detected
  • TFN_stopit_command_detected
  • TFN_switch_command_detected
  • Trin00_Broadcast_Detected
  • Trin00_Master_Connect
  • Trin00_Master_Detected

Additional Resources


Last modified on: Thursday, 27-Sep-01 18:04:51
Site Map · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements
©1995 - 2008 Symantec Corporation