#alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; classtype:policy-violation; sid:2008748; rev:4; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:01:54 UTC


#alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; classtype:policy-violation; sid:2008748; rev:4;)

Added 2014-08-26 19:07:49 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; classtype:policy-violation; sid:2008748; rev:3;)

Added 2011-10-12 19:25:47 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; sid:2008748; rev:3;)

Added 2011-09-14 22:39:15 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FreeGate; sid:2008748; rev:3;)

Added 2011-02-04 17:27:57 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FreeGate; sid:2008748; rev:3;)

Added 2009-02-11 19:00:24 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; reference:url,doc.emergingthreats.net/2008748; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_FreeGate; sid:2008748; rev:3;)

Added 2009-02-11 19:00:24 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; sid:2008748; rev:2;)

Added 2008-11-13 18:14:17 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; sid:2008748; rev:2;)

Added 2008-11-13 18:14:17 UTC


alert udp $HOME_NET any -> $EXTERNAL_NET 53 (msg:"ET POLICY Possible External FreeGate? DNS Query"; content:"|03 77 36 35 0d 7a 69 79 6f 75 6c 6f 6e 67 6c 69 76 65 03 63 6f 6d 00|"; offset: 13; depth: 23; classtype:policy-violation; threshold:type limit, track by_src,count 3, seconds 30; sid:2008748; rev:1;)

Added 2008-11-08 20:06:45 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats