EmergingThreats> Main Web>2006434 (revision 1)EditAttach

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE POLICY Possible Ecard Trojan download"; flow:established,to_server; uricontent:".exe"; nocase; pcre:"/\/(ecard|postcard|gif|jpg|jpeg|cartao)\.exe/Ui"; classtype:trojan-activity; sid:2006434; rev:1;)

Added 2007-07-27 03:12:10 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-07-27 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats