#alert tcp $HOME_NET 4321 -> $EXTERNAL_NET any (msg: "BLEEDING-EDGE TROJAN Akak trojan protocol response from infected host"; flow: established,to_client; dsize: 4; content:"|6f 17 00 00|"; reference:url,www.lurhq.com/akak.html; classtype: trojan-activity; sid: 2001237; rev:4; )



Topic revision: r1 - 2008-01-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats