alert tcp $HOME_NET 1024: -> $EXTERNAL_NET 1024: (msg:"ET TROJAN Unknown CnC? Channel Keep Alive"; flow:established,to_server; dsize:5; content:"|17 24 1b 00 00|"; classtype:trojan-activity; sid:2009865; rev:1;)

Added 2009-09-04 10:45:36 UTC


Topic revision: r1 - 2009-09-04 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats