alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"Referer|3a| http|3a|//dell"; http_header; content:"Host|3a| "; http_header; content:"myway.com"; nocase; http_header; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; classtype:not-suspicious; sid:2008051; rev:4; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:01:15 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"Referer|3a| http|3a|//dell"; http_header; content:"Host|3a| "; http_header; content:"myway.com"; nocase; http_header; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; classtype:not-suspicious; sid:2008051; rev:4;)

Added 2011-10-12 19:24:21 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"Referer|3a| http|3a|//dell"; http_header; content:"Host|3a| "; http_header; content:"myway.com"; nocase; http_header; classtype:not-suspicious; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; sid:2008051; rev:4;)

Added 2011-09-14 22:37:50 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"Referer|3a| http|3a|//dell"; http_header; content:"Host|3a| "; http_header; content:"myway.com"; nocase; http_header; classtype:not-suspicious; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Dell_Spyware; sid:2008051; rev:4;)

Added 2011-02-04 17:27:09 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"|0d 0a|Referer\: http\://dell"; depth:100; content:"|0d 0a|Host\: "; depth:250; content:"myway.com"; nocase; within:20; distance:0; classtype:not-suspicious; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Dell_Spyware; sid:2008051; rev:2;)

Added 2009-02-11 19:00:24 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"|0d 0a|Referer\: http\://dell"; depth:100; content:"|0d 0a|Host\: "; depth:250; content:"myway.com"; nocase; within:20; distance:0; classtype:not-suspicious; threshold:type limit, track by_src, count 2, seconds 360; reference:url,doc.emergingthreats.net/2008051; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_Dell_Spyware; sid:2008051; rev:2;)

Added 2009-02-11 19:00:24 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY Dell MyWay? Remote control agent"; flow:established,to_server; content:"|0d 0a|Referer\: http\://dell"; depth:100; content:"|0d 0a|Host\: "; depth:250; content:"myway.com"; nocase; within:20; distance:0; classtype:not-suspicious; threshold:type limit, track by_src, count 2, seconds 360; sid:2008051; rev:1;)

Added 2008-03-24 23:55:07 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats