EditAttachPrintable
r1 - 02 Jul 2009 - 01:45:34 - TWikiGuestYou are here: TWiki >  Main Web > 2009476

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Possible jBroFuzz Fuzzer Detected"; flow:to_server,established; content:"|0d 0a|Host\: localhost"; content:"|0d 0a|User-Agent\: Mozilla/5.0 (Windows\; U\; Windows NT 5.1\; en-GB\; rv\:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; depth:130; distance:0; threshold: type threshold, track by_src, count 3, seconds 6; classtype:attempted-recon; reference:url,www.owasp.org/index.php/Category%3aOWASP_JBroFuzz; reference:url,doc.emergingthreats.net/2009476; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_jBroFuzz; sid:2009476; rev:3;)

Added 2009-07-01 21:45:34 UTC

 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Possible jBroFuzz Fuzzer Detected"; flow:to_server,established; content:"|0d 0a|Host\: localhost"; content:"|0d 0a|User-Agent\: Mozilla/5.0 (Windows\; U\; Windows NT 5.1\; en-GB\; rv\:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; depth:130; distance:0; threshold: type threshold, track by_src, count 3, seconds 6; classtype:attempted-recon; reference:url,www.owasp.org/index.php/Category%3aOWASP_JBroFuzz; reference:url,doc.emergingthreats.net/2009476; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_jBroFuzz; sid:2009476; rev:3;)

Added 2009-07-01 21:45:34 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Possible jBroFuzz Fuzzer Detected"; flow:to_server,established; content:"|0d 0a|Host\: localhost"; content:"|0d 0a|User-Agent\: Mozilla/5.0 (Windows\; U\; Windows NT 5.1\; en-GB\; rv\:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; depth:130; distance:0; threshold: type threshold, track by_src, count 3, seconds 6; classtype:attempted-recon; reference:url,www.owasp.org/index.php/Category:OWASP_JBroFuzz; reference:url,doc.emergingthreats.net/2009476; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_jBroFuzz; sid:2009476; rev:2;)

Added 2009-07-01 20:03:01 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Possible jBroFuzz Fuzzer Detected"; flow:to_server,established; content:"|0d 0a|Host\: localhost"; content:"|0d 0a|User-Agent\: Mozilla/5.0 (Windows\; U\; Windows NT 5.1\; en-GB\; rv\:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; depth:130; distance:0; threshold: type threshold, track by_src, count 3, seconds 6; classtype:attempted-recon; reference:url,www.owasp.org/index.php/Category:OWASP_JBroFuzz; reference:url,doc.emergingthreats.net/2009476; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_jBroFuzz; sid:2009476; rev:2;)

Added 2009-07-01 20:03:01 UTC

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Possible jBroFuzz Fuzzer Detected"; flow:to_server,established; content:"|0d 0a|Host\: localhost"; content:"|0d 0a|User-Agent\: Mozilla/5.0 (Windows\; U\; Windows NT 5.1\; en-GB\; rv\:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; depth:130; distance:0; threshold: type threshold, track by_src, count 3, seconds 6; classtype:attempted-recon; reference:url,www.owasp.org/index.php/Category:OWASP_JBroFuzz; sid:2009476; rev:1;)

Added 2009-07-01 10:30:35 UTC

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r1 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback