EmergingThreats> Main Web>2002383 (revision 1)EditAttach

alert tcp $HOME_NET 21 -> $EXTERNAL_NET any (msg:"BLEEDING-EDGE SCAN Potential FTP Brute-Force attempt"; flow:from_server,established; content:"530 "; pcre:"/^530\s+(Login|User|Failed)/smi"; classtype:unsuccessful-user; threshold: type threshold, track by_dst, count 5, seconds 120; sid:2002383; rev:4;)

Auto-added on 2007-03-05 23:46:09 UTC



alert tcp $HOME_NET 21 -> $EXTERNAL_NET any (msg:"BLEEDING-EDGE SCAN Potential FTP Brute-Force attempt"; flow:from_server,established; content:"530 "; pcre:"/^530\s+(Login|User)/smi"; classtype:unsuccessful-user; threshold: type threshold, track by_dst, count 5, seconds 120; sid:2002383; rev:3;)



Edit | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-03-05 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats