alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"User-Agent|3a| revolt"; http_header; reference:url,www.Whitehatsecurityresponse.blogspot.com; reference:url,doc.emergingthreats.net/2009288; classtype:web-application-attack; sid:2009288; rev:56;)

Added 2011-10-12 19:27:02 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"User-Agent|3a| revolt"; http_header; classtype:web-application-attack; reference:url,www.Whitehatsecurityresponse.blogspot.com; reference:url,doc.emergingthreats.net/2009288; sid:2009288; rev:56;)

Added 2011-09-14 22:40:25 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"User-Agent|3a| revolt"; http_header; classtype:web-application-attack; reference:url,www.Whitehatsecurityresponse.blogspot.com; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner; sid:2009288; rev:56;)

Added 2011-02-04 17:28:35 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner; sid:2009288; rev:55;)

Added 2010-07-29 22:04:59 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner; sid:2009288; rev:55;)

Added 2010-07-29 22:04:59 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Revolt_Scanner; sid:2009288; rev:56;)

Added 2010-07-29 19:30:58 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET SCAN Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Revolt_Scanner; sid:2009288; rev:56;)

Added 2010-07-29 19:30:58 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner; sid:2009288; rev:55;)

Added 2009-10-06 14:19:04 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SERVER Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_SERVER/WEB_Revolt_Scanner; sid:2009288; rev:55;)

Added 2009-10-06 14:19:04 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:4;)

Added 2009-05-04 15:16:30 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:4;)

Added 2009-05-04 15:16:30 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecureityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:3;)

Added 2009-04-24 13:15:34 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent|3a| revolt"; reference:url,www.Whitehatsecureityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:3;)

Added 2009-04-24 13:15:34 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent: revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:2;)

Added 2009-04-21 20:45:34 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent: revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009288; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB/WEB_Revolt_Scanner; sid:2009288; rev:2;)

Added 2009-04-21 20:45:34 UTC


alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB PHP Attack Tool Revolt Scanner"; flow:established,to_server; content:"|0d 0a|User-Agent: revolt"; reference:url,www.Whitehatsecurityresponse.blogspot.com; classtype:web-application-attack; sid:2009288; rev:1;)

Added 2009-04-21 16:07:29 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats