#alert http $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"401"; http_stat_code; threshold: type both, count 1, seconds 300, track by_dst; reference:url,doc.emergingthreats.net/2009345; classtype:attempted-recon; sid:2009345; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)

Added 2017-08-07 21:02:29 UTC


#alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"401"; http_stat_code; threshold: type both, count 1, seconds 300, track by_dst; reference:url,doc.emergingthreats.net/2009345; classtype:attempted-recon; sid:2009345; rev:7;)

Added 2011-10-12 19:27:10 UTC


#alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"401"; http_stat_code; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; sid:2009345; rev:7;)

Added 2011-09-14 22:40:31 UTC


#alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"401"; http_stat_code; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:7;)

Added 2011-02-04 17:28:39 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:5;)

Added 2009-10-22 13:45:21 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:5;)

Added 2009-10-22 13:45:21 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:4;)

Added 2009-05-14 11:25:02 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type both, count 1, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:4;)

Added 2009-05-14 11:25:02 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:02:54 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:02:54 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:00:32 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:00:32 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:00:23 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; threshold: type limit, count 10, seconds 300, track by_dst; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:3;)

Added 2009-05-13 13:00:23 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:2;)

Added 2009-05-11 17:45:36 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; classtype:attempted-recon; reference:url,doc.emergingthreats.net/2009345; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/ATTACK_RESPONSE/ATTACK_RESPONSE_401_Unauthorized; sid:2009345; rev:2;)

Added 2009-05-11 17:45:36 UTC


alert tcp $HTTP_SERVERS $HTTP_PORTS -> $EXTERNAL_NET any (msg:"ET ATTACK-RESPONSE HTTP 401 Unauthorized"; flow:from_server,established; content:"HTTP/1."; depth:7; content:" 401"; within:5; classtype:attempted-recon; sid:2009345; rev:1;)

Added 2009-05-11 09:46:23 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats