alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; classtype:policy-violation; sid:2006417; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 20:59:37 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; classtype:policy-violation; sid:2006417; rev:10;)

Added 2011-10-12 19:20:40 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; sid:2006417; rev:10;)

Added 2011-09-14 22:34:13 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_Short_Lanman_Auth_Challenge; sid:2006417; rev:10;)

Added 2011-02-04 17:25:21 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_Short_Lanman_Auth_Challenge; sid:2006417; rev:8;)

Added 2010-06-15 13:15:59 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_Short_Lanman_Auth_Challenge; sid:2006417; rev:8;)

Added 2010-06-15 13:15:59 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_Short_Lanman_Auth_Challenge; sid:2006417; rev:7;)

Added 2009-02-06 19:00:55 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; reference:url,doc.emergingthreats.net/bin/view/Main/2006417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_Short_Lanman_Auth_Challenge; sid:2006417; rev:7;)

Added 2009-02-06 19:00:55 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:6;)

Added 2008-05-18 19:52:13 UTC


alert tcp $HOME_NET 139 -> $EXTERNAL_NET any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:6;)

Added 2008-05-18 19:52:13 UTC


alert tcp $HOME_NET 139 -> any any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:5;)

Added 2008-01-23 10:46:28 UTC


alert tcp $HOME_NET 139 -> any any (msg:"ET ATTACK RESPONSE Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:5;)

Added 2008-01-23 10:46:28 UTC


alert tcp $HOME_NET 139 -> any any (msg:"BLEEDING-EDGE POLICY Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:2;)

Added 2007-07-27 03:31:17 UTC


alert tcp $HOME_NET 139 -> any any (msg:"BLEEDING-EDGE POLICY Weak Netbios Lanman Auth Challenge Detected"; flow:from_server; content:"|ff 53 4d 42|"; content:"|00 11 22 33 44 55 66 77 88|"; classtype:policy-violation; sid:2006417; rev:2;)

Added 2007-07-27 03:12:10 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE MALWARE Platinumreward.co.kr Spyware User Agent (WT_GET_COMM)"; flow:established,to_server; content:"User-Agent\: WT_GET_COMM"; classtype:trojan-activity; sid:2006417; rev:1;)

Added 2007-07-24 06:57:40 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg: "BLEEDING-EDGE MALWARE Platinumreward.co.kr Spyware User Agent (WT_GET_COMM)"; flow:established,to_server; content:"User-Agent\: WT_GET_COMM"; classtype:trojan-activity; sid:2006417; rev:1;)

Added 2007-07-24 06:57:40 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats