alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| "; http_header; content:" Netsparker)|0d 0a|"; http_header; fast_pattern; within:200; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; classtype:attempted-recon; sid:2011029; rev:7;)

Added 2013-02-27 13:22:51 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| "; http_header; content:" Netsparker)|0d 0a|"; http_header; fast_pattern; within:200; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; classtype:attempted-recon; sid:2011029; rev:7;)

Added 2012-01-18 18:01:01 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible|3b| MSIE 6.0|3b| Windows NT 5.1|3b| SV1|3b| .NET CLR 1.1.4322|3b| Netsparker)"; fast_pattern:only; http_header; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; classtype:attempted-recon; sid:2011029; rev:6;)

Added 2011-10-12 19:31:10 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible|3b| MSIE 6.0|3b| Windows NT 5.1|3b| SV1|3b| .NET CLR 1.1.4322|3b| Netsparker)"; fast_pattern:only; http_header; threshold:type limit,track by_src,count 1,seconds 60; classtype: attempted-recon; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; sid:2011029; rev:6;)

Added 2011-09-14 22:44:18 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible|3b| MSIE 6.0|3b| Windows NT 5.1|3b| SV1|3b| .NET CLR 1.1.4322|3b| Netsparker)"; fast_pattern:only; http_header; threshold:type limit,track by_src,count 1,seconds 60; classtype: attempted-recon; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_NetSparker; sid:2011029; rev:6;)

Added 2011-02-04 17:30:45 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\; .NET CLR 1.1.4322\; Netsparker)"; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_NetSparker; classtype: attempted-recon; sid:2011029; rev:3;)

Added 2010-04-14 19:45:58 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\; .NET CLR 1.1.4322\; Netsparker)"; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_NetSparker; classtype: attempted-recon; sid:2011029; rev:3;)

Added 2010-04-14 19:45:58 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\; .NET CLR 1.1.4322\; Netsparker)"; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_NetSparker; sid:2011029; rev:2;)

Added 2010-04-14 12:15:58 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\; .NET CLR 1.1.4322\; Netsparker)"; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; reference:url,doc.emergingthreats.net/2011029; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_NetSparker; sid:2011029; rev:2;)

Added 2010-04-14 12:15:58 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Netsparker Default User-Agent"; flow:to_server,established; content:"User-Agent|3a| Mozilla/4.0 (compatible\; MSIE 6.0\; Windows NT 5.1\; SV1\; .NET CLR 1.1.4322\; Netsparker)"; threshold:type limit,track by_src,count 1,seconds 60; reference:url,www.mavitunasecurity.com/communityedition/; sid:2011029; rev:1;)

Added 2010-04-14 11:15:57 UTC


Topic revision: r1 - 2013-02-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats