alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:9; metadata:created_at 2010_07_30, updated_at 2019_09_27;)
Added 2019-09-27 18:53:19 UTC
alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)
Added 2018-09-13 19:39:53 UTC
Added 2018-09-13 17:53:53 UTC
alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)
Added 2017-08-07 21:01:35 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:8;)
Added 2011-10-12 19:25:05 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; sid:2008417; rev:8;)
Added 2011-09-14 22:38:32 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:8;)
Added 2011-02-04 17:27:35 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)
Added 2010-01-05 12:46:23 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)
Added 2010-01-05 12:46:23 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)
Added 2010-01-05 12:45:44 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)
Added 2010-01-05 12:45:44 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:2;)
Added 2009-02-12 18:21:19 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:2;)
Added 2009-02-12 18:21:19 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)
Added 2008-07-22 15:00:21 UTC
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)
Added 2008-07-22 15:00:21 UTC
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)
Added 2008-07-15 09:17:47 UTC