alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE CURRENT EVENTS Guard Targeted Phish Email Drop Attempt"; flow:established,to_server; content:"To\: firstbts@gmail.com"; nocase; reference:url,www.bleedingthreats.net/index.php/2007/02/13/guardzip-phish-very-targeted-sig-available/; reference:url,isc.sans.org/diary.html?n&storyid=2277; classtype:attempted-admin; sid:2003430; rev:1;)



Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats