alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; http_method; pcre:"/^\./P"; http_content_len; content:"0"; fast_pattern; depth:1; isdataat:!1; classtype:bad-unknown; sid:2011819; rev:5; metadata:created_at 2010_10_15, former_category POLICY, updated_at 2022_05_27;)

Added 2022-05-27 16:50:22 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; pcre:"/^./P"; http_content_len; content:"0"; fast_pattern; classtype:bad-unknown; sid:2011819; rev:4; metadata:created_at 2010_10_15, former_category POLICY, updated_at 2022_05_24;)

Added 2022-05-26 19:04:04 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; pcre:"/^./P"; http_content_len; content:"0"; fast_pattern; classtype:bad-unknown; sid:2011819; rev:3; metadata:created_at 2010_10_15, updated_at 2022_05_24;)

Added 2022-05-25 18:17:02 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1; metadata:created_at 2010_10_15, updated_at 2010_10_15;)

Added 2021-09-21 19:57:20 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1; metadata:created_at 2010_10_14, updated_at 2010_10_14;)

Added 2018-09-13 19:42:15 UTC


Added 2018-09-13 17:55:07 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1; metadata:created_at 2010_10_14, updated_at 2010_10_14;)

Added 2017-08-07 21:04:52 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1;)

Added 2012-01-18 18:01:21 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1;)

Added 2011-10-12 19:32:38 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Zero Content-Length HTTP POST with data (outbound)"; flow:established,to_server; content:"POST"; nocase; http_method; content:"|0D 0A|Content-Length|3a| 0|0D 0A|"; content:"|0D 0A 0D 0A|"; distance:0; isdataat:1,relative; classtype:bad-unknown; sid:2011819; rev:1;)

Added 2011-02-04 17:31:35 UTC


Topic revision: r1 - 2022-05-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats