alert tcp any any -> $HOME_NET 23 (msg:"ET EXPLOIT Actiontec C1000A? backdoor account"; flow:established,to_server; content:"CenturyL1nk"; fast_pattern:only; metadata: former_category EXPLOIT; classtype:attempted-admin; sid:2024980; rev:1; metadata:attack_target IoT?, deployment Perimeter, signature_severity Critical, created_at 2017_11_13, performance_impact Low, updated_at 2017_11_13;)

Added 2017-11-13 16:23:08 UTC


Topic revision: r1 - 2017-11-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats