alert tcp $EXTERNAL_NET 1024: -> $HOME_NET 1024: (msg:"ET TROJAN Unknown CnC? Channel Keep Alive Server Response"; flow:established,from_server; dsize:5; content:"|17 24 1b 00 00|"; classtype:trojan-activity; sid:2009866; rev:1;) Added 2009-09-04 10:45:36 UTC False +ves with <http://www.teamviewer.com> teamviewer seems to be catching on here! -- RussellFulton - 07 Sep 2009
Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actionsTopic revision: r2 - 2009-09-07 - RussellFulton
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © Emerging Threats