##alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET DELETED SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; classtype:policy-violation; sid:2002474; rev:6;)

Added 2012-04-23 23:04:06 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; classtype:policy-violation; sid:2002474; rev:5;)

Added 2011-10-12 19:11:45 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; sid:2002474; rev:5;)

Added 2011-09-14 22:22:14 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Classified_Information; sid:2002474; rev:5;)

Added 2011-02-04 17:21:52 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Classified_Information; sid:2002474; rev:5;)

Added 2009-02-10 20:53:05 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2002474; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Classified_Information; sid:2002474; rev:5;)

Added 2009-02-10 20:53:05 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; sid:2002474; rev:4;)

Added 2008-01-31 18:48:08 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"ET POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; sid:2002474; rev:4;)

Added 2008-01-31 18:48:08 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2})))/ism"; classtype:policy-violation; sid:2002474; rev:3;)

Added 2007-08-02 23:31:19 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2}?)|(v[167][0-9]\.[0-9]{1,2}))/ism"; classtype:policy-violation; sid:2002474; rev:2;)

Added 2007-07-28 23:45:41 UTC


#alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE POLICY SMTP DSM-IV Code"; flow:to_server,established; content:"Subject|3A|"; pcre:"/\Wdsm\W[\s\w,/-]*(?=([2-9][0-9]{2}(\.[0-9]{1,2)?)|(v[167][0-9]\.[0-9]{1,2}))/ism"; classtype:policy-violation; sid:2002474; rev:1;)



Topic revision: r1 - 2012-04-24 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats