#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; reference:url,doc.emergingthreats.net/2009667; classtype:attempted-admin; sid:2009667; rev:2; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:02:48 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; reference:url,doc.emergingthreats.net/2009667; classtype:attempted-admin; sid:2009667; rev:2;)

Added 2011-10-12 19:28:01 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; classtype:attempted-admin; reference:url,doc.emergingthreats.net/2009667; sid:2009667; rev:2;)

Added 2011-09-14 22:41:17 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; classtype:attempted-admin; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FTP_Login; reference:url,doc.emergingthreats.net/2009667; sid:2009667; rev:2;)

Added 2011-02-04 17:29:02 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; classtype:attempted-admin; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FTP_Login; reference:url,doc.emergingthreats.net/2009667; sid:2009667; rev:2;)

Added 2009-07-22 15:45:41 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; classtype:attempted-admin; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FTP_Login; reference:url,doc.emergingthreats.net/2009667; sid:2009667; rev:2;)

Added 2009-07-22 15:45:41 UTC


#alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET POLICY FTP Frequent Administrator Login Attempts"; flow:to_server,established; content:"USER Administrator|0d0a|"; nocase; threshold: type threshold, track by_src, count 3, seconds 30; classtype:attempted-admin; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FTP_Login; sid:2009667; rev:1;)

Added 2009-07-22 12:30:38 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats