alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; http_header_names; content:!"Set-Cookie|0d 0a|"; content:!"X-Powered-By|0d 0a|"; classtype:attempted-user; sid:2024421; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2017_06_23, deployment Perimeter, former_category ATTACK_RESPONSE, performance_impact Moderate, signature_severity Major, updated_at 2020_11_05;)

Added 2020-11-05 18:35:57 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; http_header_names; content:!"Set-Cookie|0d 0a|"; content:!"X-Powered-By|0d 0a|"; classtype:attempted-user; sid:2024421; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2017_06_23, deployment Perimeter, former_category ATTACK_RESPONSE, performance_impact Moderate, signature_severity Major, updated_at 2020_03_04;)

Added 2020-08-05 19:13:39 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; http_header_names; content:!"Set-Cookie|0d 0a|"; content:!"X-Powered-By|0d 0a|"; metadata: former_category ATTACK_RESPONSE; classtype:attempted-user; sid:2024421; rev:3; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2017_06_23, performance_impact Moderate, updated_at 2020_03_04;)

Added 2020-03-05 12:26:03 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; content:!"Set-Cookie|3a 20|"; content:!"X-Powered-By|3a 20|"; http_header; metadata: former_category ATTACK_RESPONSE; classtype:attempted-user; sid:2024421; rev:2; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2017_06_23, performance_impact Moderate, updated_at 2017_06_23;)

Added 2018-09-13 19:53:51 UTC


Added 2018-09-13 18:01:38 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; content:!"Set-Cookie|3a 20|"; content:!"X-Powered-By|3a 20|"; http_header; metadata: former_category ATTACK_RESPONSE; classtype:attempted-user; sid:2024421; rev:2; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2017_06_23, performance_impact Moderate, updated_at 2017_06_23;)

Added 2017-08-07 21:19:47 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ATTACK_RESPONSE Possible BeEF? HTTP Headers Inbound"; flow:established,from_server; content:"Content-Type|3a 20|text/javascript|0d 0a|Server|3a 20|Apache/2.2.3 (CentOS?)|0d 0a|Pragma|3a|"; fast_pattern; http_header; depth:69; content:"|0d 0a|Expires|3a 20|0|0d 0a|"; http_header; content:!"Set-Cookie|3a 20|"; content:!"X-Powered-By|3a 20|"; http_header; classtype:attempted-user; sid:2024421; rev:2;)

Added 2017-06-23 17:07:38 UTC


Topic revision: r1 - 2020-11-05 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats