Main Webalert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN VirtualProtect? Packed Binary - Likely Hostile"; flow:established,from_server; content:"|2E 72 73 72 63|"; content:"|2E 70 61 63 6B 33 32 00|"; within:49; reference:url,bits.packetninjas.org/eblog/?p=3; classtype:trojan-activity; sid:2008509; rev:2;) Added 2008-08-19 15:00:22 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN VirtualProtect? Packed Binary - Likely Hostile"; flow:established,from_server; content:"|2E 72 73 72 63|"; content:"|2E 70 61 63 6B 33 32 00|"; within:49; reference:url,bits.packetninjas.org/eblog/?p=3; classtype:trojan-activity; sid:2008509; rev:2;) Added 2008-08-19 15:00:22 UTC
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN VirtualProtect? Packed Binary -- Likely Hostile"; flow:established,from_server; content:"|2E 72 73 72 63|"; content:"|2E 70 61 63 6B 33 32 00|"; within:49; reference:url,bits.packetninjas.org/eblog/?p=3; classtype:trojan-activity; sid:2008509; rev:1;) Added 2008-08-19 14:30:21 UTC
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback