alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg: "ET DOS squ1rt Apache
DoS?"; flow: to_server,established; flowbits:isset,http.get; dsize: 1448; content:"|20202020|"; depth: 4; content:"|20202020|"; offset: 1436; depth: 4; reference:cve,2004-0942; classtype: attempted-dos; reference:url,doc.emergingthreats.net/bin/view/Main/2001636; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Apache_Squ1rt; sid: 2001636; rev:6;)
Added 2009-02-06 19:00:55 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg: "ET DOS squ1rt Apache
DoS?"; flow: to_server,established; flowbits:isset,http.get; dsize: 1448; content:"|20202020|"; depth: 4; content:"|20202020|"; offset: 1436; depth: 4; reference:cve,2004-0942; classtype: attempted-dos; reference:url,doc.emergingthreats.net/bin/view/Main/2001636; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Apache_Squ1rt; sid: 2001636; rev:6;)
Added 2009-02-06 19:00:55 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg: "ET DOS squ1rt Apache
DoS?"; flow: to_server,established; flowbits:isset,http.get; dsize: 1448; content:"|20202020|"; depth: 4; content:"|20202020|"; offset: 1436; depth: 4; reference:cve,2004-0942; classtype: attempted-dos; sid: 2001636; rev:5;)
Added 2008-01-25 10:03:39 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg: "ET DOS squ1rt Apache
DoS?"; flow: to_server,established; flowbits:isset,http.get; dsize: 1448; content:"|20202020|"; depth: 4; content:"|20202020|"; offset: 1436; depth: 4; reference:cve,2004-0942; classtype: attempted-dos; sid: 2001636; rev:5;)
Added 2008-01-25 10:03:39 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg: "BLEEDING-EDGE DOS squ1rt Apache
DoS?"; flow: to_server,established; flowbits:isset,http.get; dsize: 1448; content:"|20202020|"; depth: 4; content:"|20202020|"; offset: 1436; depth: 4; reference:cve,2004-0942; classtype: attempted-dos; sid: 2001636; rev:4; )