Main Webalert tcp $EXTERNAL_NET any -> $HOME_NET 25 (msg:"CURRENT_EVENTS Fake Airline E-ticket Email Inbound"; flow:established,to_server; content:"|0d 0a|Subject\: E-Ticket #"; pcre:"/eTicket.*\.zip/i"; classtype:trojan-activity; reference:url,www.us-cert.gov/current/archive/2008/07/31/archive.html#airline_e_ticket_email_attack; reference:url,www.sophos.com/security/blog/2008/07/1604.html; sid:2008486; rev:1;) Added 2008-08-01 13:00:22 UTC
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback