#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Browlock Landing Page URI Struct"; flow:to_server,established; content:"/?flow_id"; http_uri; content:"/case_id="; http_uri; fast_pattern:only; pcre:"/\/\?flow_id=\d+?&\d+?=\d+?\/case_id=\d+$/U"; classtype:trojan-activity; sid:2017847; rev:2; metadata:created_at 2013_12_13, former_category CURRENT_EVENTS, updated_at 2013_12_13;)

Added 2020-11-23 17:30:14 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Browlock Landing Page URI Struct"; flow:to_server,established; content:"/?flow_id"; http_uri; content:"/case_id="; http_uri; fast_pattern:only; pcre:"/\/\?flow_id=\d+?&\d+?=\d+?\/case_id=\d+$/U"; classtype:trojan-activity; sid:2017847; rev:2; metadata:created_at 2013_12_13, updated_at 2013_12_13;)

Added 2018-09-13 19:48:10 UTC


Added 2018-09-13 17:58:16 UTC


#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Browlock Landing Page URI Struct"; flow:to_server,established; content:"/?flow_id"; http_uri; content:"/case_id="; http_uri; fast_pattern:only; pcre:"/\/\?flow_id=\d+?&\d+?=\d+?\/case_id=\d+$/U"; classtype:trojan-activity; sid:2017847; rev:2; metadata:created_at 2013_12_13, updated_at 2013_12_13;)

Added 2017-11-28 16:37:28 UTC


alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Browlock Landing Page URI Struct"; flow:to_server,established; content:"/?flow_id"; http_uri; content:"/case_id="; http_uri; fast_pattern:only; pcre:"/\/\?flow_id=\d+?&\d+?=\d+?\/case_id=\d+$/U"; classtype:trojan-activity; sid:2017847; rev:2; metadata:created_at 2013_12_13, updated_at 2013_12_13;)

Added 2017-08-07 21:11:50 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET CURRENT_EVENTS Browlock Landing Page URI Struct"; flow:to_server,established; content:"/?flow_id"; http_uri; content:"/case_id="; http_uri; fast_pattern:only; pcre:"/\/\?flow_id=\d+?&\d+?=\d+?\/case_id=\d+$/U"; classtype:trojan-activity; sid:2017847; rev:2;)

Added 2013-12-13 03:42:40 UTC


Topic revision: r1 - 2020-11-23 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats