#alert http $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; http_method; content:"/files/"; nocase; http_uri; content:"Host|3a|"; nocase; http_header; content:"rapidshare.com"; nocase; http_header; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; reference:url,doc.emergingthreats.net/2006368; classtype:policy-violation; sid:2006368; rev:7; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 20:59:35 UTC


##alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; http_method; content:"/files/"; nocase; http_uri; content:"Host|3a|"; nocase; http_header; content:"rapidshare.com"; nocase; http_header; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; reference:url,doc.emergingthreats.net/2006368; classtype:policy-violation; sid:2006368; rev:6;)

Added 2011-10-12 19:20:35 UTC


##alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; http_method; content:"/files/"; nocase; http_uri; content:"Host|3a|"; nocase; http_header; content:"rapidshare.com"; nocase; http_header; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; classtype:policy-violation; reference:url,en.wikipedia.org/wiki/RapidShare; reference:url,doc.emergingthreats.net/2006368; sid:2006368; rev:6;)

Added 2011-09-14 22:34:08 UTC


##alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; http_method; content:"/files/"; nocase; http_uri; content:"Host|3a|"; nocase; http_header; content:"rapidshare.com"; nocase; http_header; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; classtype:policy-violation; reference:url,en.wikipedia.org/wiki/RapidShare; reference:url,doc.emergingthreats.net/2006368; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Metacafe; sid:2006368; rev:6;)

Added 2011-02-04 17:25:18 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST "; depth: 5; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; reference:url,doc.emergingthreats.net/2006368; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Metacafe; sid:2006368; rev:4;)

Added 2009-03-13 20:47:16 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST "; depth: 5; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; reference:url,doc.emergingthreats.net/2006368; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Metacafe; sid:2006368; rev:4;)

Added 2009-03-13 20:47:16 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; depth: 4; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; reference:url,doc.emergingthreats.net/2006368; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Metacafe; sid:2006368; rev:3;)

Added 2009-02-11 19:15:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; depth: 4; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; reference:url,doc.emergingthreats.net/2006368; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Metacafe; sid:2006368; rev:3;)

Added 2009-02-11 19:15:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; depth: 4; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; sid:2006368; rev:2;)

Added 2008-01-31 18:48:09 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; depth: 4; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; sid:2006368; rev:2;)

Added 2008-01-31 18:48:09 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE POLICY Rapidshare download unauthd image post"; flow:to_server,established; content:"POST"; depth: 4; uricontent:"/files/"; nocase; content:"Host\:"; nocase; content:"rapidshare.com"; nocase; within: 40; content:"&accesscode="; nocase; content:"&actionstring=Download"; nocase; within:50; reference:url,en.wikipedia.org/wiki/RapidShare; classtype:policy-violation; sid:2006368; rev:1;)

Added 2007-07-04 08:51:50 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats