EmergingThreats> Main Web>2003295 (revision 1)EditAttach

alert icmp $HOME_NET any -> $EXTERNAL_NET any (msg:"BLEEDING-EDGE WORM Allaple ICMP Sweep Reply Outbound"; icode:0; itype:0; content:"Babcdefghijklmnopqrstuvwabcdefghi"; threshold: type both, count 1, seconds 60, track by_dst; classtype:trojan-activity; reference:url,www.sophos.com/virusinfo/analyses/w32allapleb.html; reference:url,isc.sans.org/diary.html?storyid=2451; sid:2003295; rev:4;)

Added 2007-03-16 08:45:23 UTC


alert icmp $HOME_NET any -> $EXTERNAL_NET any (msg:"BLEEDING-EDGE WORM Allaple ICMP Sweep Reply Outbound"; icode:0; itype:0; content:"Babcdefghijklmnopqrstuvwabcdefghi"; threshold: type both, count 1, seconds 60, track by_dst; classtype:trojan-activity; reference:url,www.sophos.com/virusinfo/analyses/w32allapleb.html; sid:2003295; rev:3;)



Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-03-16 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats