alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET INFO GET to for TXT File with Minimal Headers"; flow:to_server,established; content:"GET"; http_method; content:".txt"; http_uri; nocase; isdataat:!1,relative; content:""; http_host; depth:6; isdataat:!1,relative; fast_pattern; http_header_names; content:"|0d 0a|Host|0d 0a|Connection|0d 0a 0d 0a|"; depth:22; isdataat:!1,relative; metadata: former_category INFO; classtype:bad-unknown; sid:2026569; rev:1; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, deployment Perimeter, signature_severity Minor, created_at 2018_11_02, updated_at 2018_11_02;)

Added 2018-11-02 17:29:30 UTC

Topic revision: r1 - 2018-11-02 - TWikiGuest
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats