#alert tcp $EXTERNAL_NET any -> $HOME_NET 25 (msg:"BLEEDING-EDGE VIRUS W32.Nyxem-D SMTP inbound"; flow:established,to_server; content:"YmVnaW4gNjY0I"; content:"ICAgICAgICAgICAgICAgICAgICAgICA"; distance:31; within:31; classtype:trojan-activity; reference:url,www.sophos.com/virusinfo/analyses/w32nyxemd.html; sid: 2002779; rev:1;)



Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats