Solved

Signature & CVE id for Pyloris

Posted on 2014-09-17
1
201 Views
Last Modified: 2014-10-04
https://cve.mitre.org/find/index.html   will give a CVE id for Slowloris
but not Pyloris.

Trendmicro 'approximated' that one of their IPS signature
“1003598 - Multiple HTTP Server Low Bandwidth Denial Of Service”
deals with both Slowloris & Pyloris.

I used the term 'approximated' because in Trend's signature database,
there is no equivalent CVE id for this signature while most of their
other signatures has a CVE id.

Q1:
Anyone know if Pyloris has a CVE id & what is the id?

Q2:
Does TippingPoint has a signature (or in HP's term, it's called
'Digital Vaccine') for Pyloris?   We found one for Slowloris but
not Pyloris

Q3:
As TrendMicro's host-based IPS (ie sit inside the servers) has
only one signature to deal with both Slowloris & Pyloris, can
I by the same token, reckon that TippingPoint's vaccine which
deal with Slowloris is likely to be able to deal with Pyloris by
tracking/blocking  "Low Bandwidth DoS" ?  Reason is we can't
locate any vaccine (or signature) in TippingPoint that specifically
deals with Pyloris.  TrendMicro must have run into the same
situation that they use only one signature for both threats.

I'm suspecting it's the behavior/characteristics of both
Pyloris & Slowloris not to take up much bandwidth that
they have a common signature for TrendMicro's IPS
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 40328539
CVE records vulnerabilieties, not exploits.
You can write same in shell script if you want, not python.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question