alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; metadata: former_category INFO; classtype:bad-unknown; sid:2024236; rev:3; metadata:attack_target SMTP_Server, deployment Perimeter, signature_severity Informational, created_at 2017_04_21, updated_at 2019_10_07;)

Added 2019-10-08 19:34:45 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; metadata: former_category INFO; classtype:bad-unknown; sid:2024236; rev:2; metadata:attack_target SMTP_Server, deployment Perimeter, signature_severity Informational, created_at 2017_04_21, updated_at 2017_04_21;)

Added 2019-08-16 19:27:20 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; metadata: former_category INFO; classtype:bad-unknown; sid:2024236; rev:2; metadata:attack_target SMTP_Server, deployment Perimeter, signature_severity Audit, created_at 2017_04_21, updated_at 2017_04_21;)

Added 2018-09-13 19:53:44 UTC


Added 2018-09-13 18:01:33 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; metadata: former_category INFO; classtype:bad-unknown; sid:2024236; rev:2; metadata:attack_target SMTP_Server, deployment Perimeter, signature_severity Audit, created_at 2017_04_21, updated_at 2017_04_21;)

Added 2017-08-07 21:19:34 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; classtype:bad-unknown; sid:2024236; rev:2;)

Added 2017-05-05 16:59:06 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; metadata: former_category INFO; classtype:bad-unknown; sid:2024236; rev:2;)

Added 2017-05-03 17:36:03 UTC


alert smtp $EXTERNAL_NET any -> $SMTP_SERVERS any (msg:"ET INFO SMTP PDF Attachment Flowbit Set"; flow:established,from_server; content:"|0d 0a 0d 0a|JVBERi"; fast_pattern:only; flowbits:set,ET.pdf.in.smtp.attachment; flowbits:noalert; classtype:bad-unknown; sid:2024236; rev:2;)

Added 2017-04-24 17:33:40 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats