Solved

Signature & CVE id for Pyloris

Posted on 2014-09-17
1
194 Views
Last Modified: 2014-10-04
https://cve.mitre.org/find/index.html   will give a CVE id for Slowloris
but not Pyloris.

Trendmicro 'approximated' that one of their IPS signature
“1003598 - Multiple HTTP Server Low Bandwidth Denial Of Service”
deals with both Slowloris & Pyloris.

I used the term 'approximated' because in Trend's signature database,
there is no equivalent CVE id for this signature while most of their
other signatures has a CVE id.

Q1:
Anyone know if Pyloris has a CVE id & what is the id?

Q2:
Does TippingPoint has a signature (or in HP's term, it's called
'Digital Vaccine') for Pyloris?   We found one for Slowloris but
not Pyloris

Q3:
As TrendMicro's host-based IPS (ie sit inside the servers) has
only one signature to deal with both Slowloris & Pyloris, can
I by the same token, reckon that TippingPoint's vaccine which
deal with Slowloris is likely to be able to deal with Pyloris by
tracking/blocking  "Low Bandwidth DoS" ?  Reason is we can't
locate any vaccine (or signature) in TippingPoint that specifically
deals with Pyloris.  TrendMicro must have run into the same
situation that they use only one signature for both threats.

I'm suspecting it's the behavior/characteristics of both
Pyloris & Slowloris not to take up much bandwidth that
they have a common signature for TrendMicro's IPS
0
Comment
Question by:sunhux
1 Comment
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 40328539
CVE records vulnerabilieties, not exploits.
You can write same in shell script if you want, not python.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Access-List for Multiple VLAN on 3560 Switch 10 49
optimal method deal ransomware in files folders 9 117
Work with App store 7 51
Extra security implementation for 2017 9 49
OfficeMate Freezes on login or does not load after login credentials are input.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question