alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Avzhan DDOS Bot Outbound Hardcoded Malformed GET Request Denial Of Service Attack Detected"; flow:established,to_server; content:"GET ^&&%$%$^%$#^&**(((&*^%$##$%^&*(*&^%$%^&.htm"; depth:49; nocase; threshold:type limit, count 1, seconds 60, track by_src; reference:url,asert.arbornetworks.com/2010/09/another-family-of-ddos-bots-avzhan/; classtype:trojan-activity; sid:2011585; rev:2;)

Added 2011-10-12 19:32:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Avzhan DDOS Bot Outbound Hardcoded Malformed GET Request Denial Of Service Attack Detected"; flow:established,to_server; content:"GET ^&&%$%$^%$#^&**(((&*^%$##$%^&*(*&^%$%^&.htm"; depth:49; nocase; threshold:type limit, count 1, seconds 60, track by_src; classtype:trojan-activity; reference:url,asert.arbornetworks.com/2010/09/another-family-of-ddos-bots-avzhan/; sid:2011585; rev:2;)

Added 2011-02-04 17:31:25 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats