alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; reference:url,doc.emergingthreats.net/2002022; classtype:policy-violation; sid:2002022; rev:4;)

Added 2011-10-12 19:11:10 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; sid:2002022; rev:4;)

Added 2011-09-14 21:12:16 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_GotoMyPC; sid:2002022; rev:4;)

Added 2011-02-04 17:21:41 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_GotoMyPC; sid:2002022; rev:4;)

Added 2010-06-28 22:46:58 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_GotoMyPC; sid:2002022; rev:4;)

Added 2010-06-28 22:46:58 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_GotoMyPC; sid: 2002022; rev:4;)

Added 2009-02-11 19:15:22 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; reference:url,doc.emergingthreats.net/2002022; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_GotoMyPC; sid: 2002022; rev:4;)

Added 2009-02-11 19:15:22 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; sid: 2002022; rev:3;)

Added 2008-01-31 18:48:09 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg:"ET POLICY GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; sid: 2002022; rev:3;)

Added 2008-01-31 18:48:09 UTC


alert tcp 66.151.158.177 8200 -> $HOME_NET any (msg: "BLEEDING-EDGE GotoMyPC? poll.gotomypc.com Server Response to Polling Client OK"; flow: established,from_server; content:"cnt=0"; nocase; depth: 40; content:"eventid="; nocase; depth: 40; threshold: type limit, track by_src, count 1, seconds 360; classtype: policy-violation; sid: 2002022; rev:2; )



Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats