alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Possible APC Network Management Card Cross Site Scripting Attempt"; flow:established ...
alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpMyAdmin Remote Code Execution Proof of Concept (c )"; flow:established,to server ...
alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpMyAdmin Remote Code Execution Proof of Concept (p )"; flow:established,to server ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS Possible Microsoft Internet Explorer iepeers.dll Remote Code Execution Attempt (CVE 2010 ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter UNION SELECT SQL Injection Attempt ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB SPECIFIC APPS Ask.com Toolbar askBar.dll ActiveX ShortFormat Buffer Overflow Attempt"; flow:established ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter SELECT FROM SQL Injection Attempt ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SERVER PHP remote file include exploit attempt"; flow: to server,established; content:"GET " ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter UPDATE SET SQL Injection Attempt ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter DELETE FROM SQL Injection Attempt ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SERVER Oracle Reports OS Command Injection Attempt"; flow:established,to server; content:"GET ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS SaurusCMS class.writeexcel worksheet.inc.php class path Remote File Inclusion Attempt ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS SaurusCMS class.writeexcel workbook.inc.php class path Remote File Inclusion Attempt ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET WEB CLIENT Foxit Reader ActiveX control OpenFile method Heap Overflow Attempt"; flow:established,to client ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla com perchagallery Component id Parameter INSERT INTO SQL Injection Attempt ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Potential Fake AV GET installer 1.exe"; flow:established,to server; content:"GET "; depth:4 ...
alert udp any any any 53 (msg:"ET CURRENT EVENTS DNS BIND 9 Dynamic Update DoS attempt"; byte test:1, ,40,2; byte test:1, ,0,5; byte test:1, ,0,1; content:" 00 ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Potential Fake AV GET installer.1.exe"; flow:established,to server; content:"GET "; depth:4 ...
alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SERVER HP LaserJet Printer Cross Site Scripting Attempt"; flow:established,to server; uricontent ...
alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Cisco Adaptive Security Appliance WebVPN Cross Site Scripting Attempt"; flow:established ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 multiple login attempts"; flow:to server,established; content:"POST "; depth ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Downloader User Agent Detected (Windows Updates Manager 3.12 ...)"; flow:established,to server ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 Brute Force reg attempt (Bad flow 2)"; flowbits:isset,ET.phpBB3 test; flowbits ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 registration (Step1 GET)"; flow:to server,established; content:"GET "; depth ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET USER AGENTS badly formatted User Agent string (no closing parenthesis)"; flow:established,to server; ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 Brute Force reg attempt (Bad flow 2)"; flowbits:isnotset,ET.phpBB3 register ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 Brute Force reg attempt (Bad pf XXXXX)"; flowbits:isset,ET.phpBB3 test; flow ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN User agent DownloadNetFile Win32.small.hsh downloader"; flow:established,to server; content:"GET ...
#alert tcp $EXTERNAL NET any $HOME NET $HTTP PORTS (msg:"ET WEB SPECIFIC APPS phpBB3 possible spammer posting attempts"; flow:to server,established; content:"POST ...