#alert tcp $EXTERNAL_NET 1863 -> $HOME_NET any (msg: "BLEEDING-EDGE WORM General MSN Worm URL Attempt"; flow: established,from_server; content:".php?"; nocase; content:"email="; nocase; within: 5; content:"@"; nocase; within: 20; reference:url,isc.sans.org/diary.php?date=2005-04-13; classtype: attempted-admin; sid: 2001247; rev:6; )



Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats