alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg: "BLEEDING-EDGE VIRUS MyDoom?/MIMAIL.R Outbound 2"; flow: to_server,established; content:"Mail transaction failed"; nocase; content:"Content-Type\: application/octet-stream"; nocase; content:"Content-Transfer-Encoding\: base64"; nocase; classtype: trojan-activity; reference:url,vil.mcafeesecurity.com/vil/content/Print100989.htm; sid: 2001275; rev:8; )



Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats