Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Scanning for Trixbox vulnerabilities - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Scanning for Trixbox vulnerabilities

A reader writes in:

HTTP scans have started to include a TRIXBOX ( vulnerability.  Tribox is a modified implementation of the asterisk product focused at commercial enterprises.  It combines asterisk with some Cisco monitoring features.  It appears attackers are focusing on the cisco DOMIT RSS feature. - - [31/Jan/2009:00:58:15 -1000] "GET /cisco/services/rss/DOMIT/

domit_rss/domitBanner.gif HTTP/1.1" 404 26 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

140 Posts
Feb 1st 2009

Sign Up for Free or Log In to start participating in the conversation!