Main Web50 Recent Changes in Main Web retrieved at 03:22 (GMT)
alert tcp $HOME NET any $EXTERNAL NET 1024: (msg:"ET TROJAN ZeuS ICE IX cid in cookie"; content:"POST"; http method; content:" 0D 0A Cookie 3a cid "; pcre: ...
#alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET DELETED HTTP Request to a .cz.tf domain"; flow:to server,established; content:".cz.tf 0D 0A "; fast ...
##alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET DELETED FAKEAV CryptMEN inst.exe Payload Download"; flow:established,from server; content:"Content ...
Statistics for Main Web Month: Topic views: Topic saves: File uploads: Most popular topic views: Top contributors for topic save and uploads ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET TROJAN Delf/Troxen/Zema controller delivering clickfraud instructions"; flow:established,to client; file ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater POST checkin to CnC"; flow:established,to server; content:"/microsoft/errorpost/default ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater post auth checkin"; flow:established,to server; content:"/search6"; http uri; fast pattern ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET TROJAN Delf/Troxen/Zema controller responding to client"; flow:established,to client; file data; content ...
alert tcp $EXTERNAL NET 443 $HOME NET any (msg:"ET TROJAN Sykipot SSL Certificate serial number detected"; flow:established,to client; content:" 16 "; content: ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater Connectivity Check to Google"; flow:established,to server; content:"/search?qu "; http ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MOBILE MALWARE Android/Plankton.P Commands Request to CnC Server"; flow:established,to server; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN MSUpdater alt checkin to CnC"; flow:established,to server; content:"/microsoft/errorpost/default ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CutePack Exploit Kit JavaScript Variable Detected"; flow:established,to client; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Likely MS12 004 midiOutPlayNextPolyEvent Heap Overflow Midi Filename Requested baby.mid ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS CUTE IE.html CutePack Exploit Kit Landing Page Request"; flow:established,to server; content ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CutePack Exploit Kit Landing Page Detected"; flow:established,to client; content:"button ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS CUTE IE.html CutePack Exploit Kit Iframe for Landing Page Detected"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN TLD4 Purple Haze Variant Initial CnC Request for Ad Servers"; flow:established,to server; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY File Being Uploaded to SendSpace File Hosting Site"; flow:established,to server; content:"POST ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS Blackhole Exploit Kit JavaScript colon string splitting"; flow:established,from server ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Dapato/Cleaman Checkin"; flow:established,to server; content:".php?rnd "; http uri; fast pattern ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Blackhole Acrobat 8/9.3 PDF exploit download request 5"; flow:established,to server; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET POLICY Outbound HTTP Connection From Cisco IOS Device"; flow:established,to server; content:"User Agent ...
alert tcp $EXTERNAL NET $HTTP PORTS $HOME NET any (msg:"ET CURRENT EVENTS Yang Pack Exploit Kit Landing Page Known JavaScript Function Detected"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Blackhole Java Exploit request to /content/rin.jar"; flow:established,to server; content ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS IBBY nouvelles.php id Parameter UPDATE SET SQL Injection Attempt"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Likely Blackhole Exploit Kit Driveby ?id Download Secondary Request"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN W32/118GotYourNo Reporting to CnC"; flow:established,to server; content:"POST"; http method; content ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN W32/VPEYE Trojan Downloader User Agent (VP EYE Downloader)"; flow:established,to server; content ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS IBBY nouvelles.php id Parameter INSERT INTO SQL Injection Attempt"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE W32/MediaGet Checkin"; flow:established,to server; content:" Added 2012 02 06 22:00:16 UTC
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE W32/OpenTrio User Agent (Open3)"; flow:established,to server; content:"User Agent 3A 20 Open3 ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS IBBY nouvelles.php id Parameter UNION SELECT SQL Injection Attempt"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE Malicious getpvstat.php file Reporting"; flow:established,to server; content:"GET"; http method ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS IBBY nouvelles.php id Parameter SELECT FROM SQL Injection Attempt"; flow:established ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS Joomla mod currencyconverter from Cross Site Scripting Attempt"; flow:established ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS SAPID get infochannel.inc.php Remote File inclusion Attempt"; flow:established ...
alert tcp $EXTERNAL NET any $HTTP SERVERS $HTTP PORTS (msg:"ET WEB SPECIFIC APPS IBBY nouvelles.php id Parameter DELETE FROM SQL Injection Attempt"; flow:established ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET VIRUS Malicious file BaiduPlayer1.0.21.25.exe download"; flow:established,to server; content:"GET"; http ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE Malicious ad track.php file Reporting"; flow:established,to server; content:"GET"; http method ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN TDSS/TDL/Alureon MBR rootkit Checkin"; flow:established,to server; content:"GET"; http method ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Win32.MSUpdater C C traffic GET"; flow:from client,established; content:".aspx?ID "; http uri ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Incognito Exploit Kit Java request to showthread.php?t "; flow:established,to server; ...
##alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET DELETED MSUpdater.net Spyware Checkin"; flow:established,to server; content:"/popsetarray.php? country ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Win32/Cryptrun.B/MSUpdater C C traffic 1"; flow:from client,established; content:"/search"; http ...
#alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET MALWARE User Agent (Yodao Desktop Dict)"; flow:to server,established; content:"User Agent 3a Yodao ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Unknown Malware Checkin Possibly ZeuS"; flow:established,to server; content:"POST"; http ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET TROJAN Win32.Pamesg/ArchSMS.HL CnC Checkin"; flow:established,to server; content:".php?aid "; http uri ...
My Links .ATasteOfTWiki view a short introductory presentation on TWiki for beginners .WelcomeGuest starting points on TWiki .TWikiUsersGuide ...
alert tcp $HOME NET any $EXTERNAL NET $HTTP PORTS (msg:"ET CURRENT EVENTS Laik exploit kit binary download request"; flow:established,to server; content:"/load ...
Number of topics: 50
See also:
RSS feed, recent changes with 50, 100, 200, 500, 1000 topics, all changes
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback