#alert tcp $HOME_NET any -> 212.26.42.47 9090 (msg:"ET DELETED ProFTPD? Backdoor outbound Request Sent"; flow:established,to_server; content:"GET /AB"; reference:url,slashdot.org/story/10/12/02/131214/ProFTPDorg-Compromised-Backdoor-Distributed; reference:url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/; reference:url,sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org; classtype:trojan-activity; sid:2011993; rev:2; metadata:created_at 2010_12_02, updated_at 2010_12_02;)

Added 2021-09-09 17:40:20 UTC


#alert tcp $HOME_NET any -> 212.26.42.47 9090 (msg:"ET DELETED ProFTPD? Backdoor outbound Request Sent"; flow:established,to_server; content:"GET /AB"; reference:url,slashdot.org/story/10/12/02/131214/ProFTPDorg-Compromised-Backdoor-Distributed; reference:url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/; reference:url, sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org; classtype:trojan-activity; sid:2011993; rev:2; metadata:created_at 2010_12_02, updated_at 2010_12_02;)

Added 2018-09-13 19:42:22 UTC


Added 2018-09-13 17:55:11 UTC


#alert tcp $HOME_NET any -> 212.26.42.47 9090 (msg:"ET DELETED ProFTPD? Backdoor outbound Request Sent"; flow:established,to_server; content:"GET /AB"; reference:url,slashdot.org/story/10/12/02/131214/ProFTPDorg-Compromised-Backdoor-Distributed; reference:url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/; reference:url, sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org; classtype:trojan-activity; sid:2011993; rev:2; metadata:created_at 2010_12_02, updated_at 2010_12_02;)

Added 2017-08-07 21:05:04 UTC


##alert tcp $HOME_NET any -> 212.26.42.47 9090 (msg:"ET DELETED ProFTPD? Backdoor outbound Request Sent"; flow:established,to_server; content:"GET /AB"; reference:url,slashdot.org/story/10/12/02/131214/ProFTPDorg-Compromised-Backdoor-Distributed; reference:url,xorl.wordpress.com/2010/12/02/news-proftpd-owned-and-backdoored/; reference:url, sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org; classtype:trojan-activity; sid:2011993; rev:2;)

Added 2014-08-28 18:33:51 UTC



This topic: Main > 2011993
Topic revision: r1 - 2021-09-09 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats