alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Zmap User-Agent (Inbound)"; flow:established,to_server; content:"Mozilla/5.0 zgrab/0.x"; http_user_agent; depth:21; isdataat:!1,relative; classtype:network-scan; sid:2029054; rev:1; metadata:created_at 2019_11_26, former_category SCAN, updated_at 2019_11_26;)

Added 2020-08-05 19:17:14 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Zmap User-Agent (Inbound)"; flow:established,to_server; content:"Mozilla/5.0 zgrab/0.x"; http_user_agent; depth:21; isdataat:!1,relative; metadata: former_category SCAN; classtype:network-scan; sid:2029054; rev:1; metadata:created_at 2019_11_26, updated_at 2019_11_26;)

Added 2020-06-16 19:05:33 UTC


alert http $EXTERNAL_NET any -> any any (msg:"ET SCAN Zmap User-Agent (zgrab)"; flow:established,to_server; content:"Mozilla/5.0 zgrab/0.x"; http_user_agent; depth:21; isdataat:!1,relative; classtype:network-scan; sid:2029054; rev:1; metadata:created_at 2019_11_26, updated_at 2019_11_26;)

Added 2019-11-26 18:48:28 UTC


Topic revision: r1 - 2020-08-05 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats