alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:01:35 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; classtype:attempted-recon; sid:2008417; rev:8;)

Added 2011-10-12 19:25:05 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; sid:2008417; rev:8;)

Added 2011-09-14 22:38:32 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET"; http_method; content:"?http|3A|//www.google."; nocase; content:"User-Agent|3A 20|Python-httplib2"; http_header; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:8;)

Added 2011-02-04 17:27:35 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)

Added 2010-01-05 12:46:23 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)

Added 2010-01-05 12:46:23 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)

Added 2010-01-05 12:45:44 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Vulnerability Scan"; flow:to_server,established; content:"GET /"; depth:5; content:"?http|3A|//www.google."; within:100; nocase; content:"|0d 0a|User-Agent|3A 20|Python-httplib2"; distance:0; classtype:attempted-recon; reference:url,wapiti.sourceforge.net/; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:4;)

Added 2010-01-05 12:45:44 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:2;)

Added 2009-02-12 18:21:19 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; reference:url,doc.emergingthreats.net/2008417; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_Wapiti; sid:2008417; rev:2;)

Added 2009-02-12 18:21:19 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)

Added 2008-07-22 15:00:21 UTC


#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)

Added 2008-07-22 15:00:21 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET SCAN Wapiti Web Server Scan"; content:"|55 73 65 72 2d 41 67 65 6e 74 3a 20 50 79 74 68 6f 6e 2d 75 72 6c 6c 69 62 2f 32 2e 35 0d 0a|"; flow:to_server,established; classtype:attempted-recon; reference:url,wapiti.sourceforge.net; sid:2008417; rev:1;)

Added 2008-07-15 09:17:47 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats