I published the following diary on isc.sans.edu: “New Waves of Scans Detected by an Old Rule“:
Who remembers the famous ShellShock (CVE-2014-6271)? This bug affected the bash shell in 2014 and was critical due to the facts that it was easy to exploit and that bash is a widespread shell used in many tools/applications. So, at this time, I created an OSSEC alerts to report ShellShock exploitation attempts against my servers. Still today, I’m getting a hit on this rule from time to time… [Read more]