alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET TROJAN Avzhan DDOS Bot Inbound Hardcoded Malformed GET Request Denial Of Service Attack Detected"; flow:established,to_server; content:"GET ^&&%$%$^%$#^&**(((&*^%$##$%^&*(*&^%$%^&.htm"; depth:49; nocase; threshold:type limit, count 1, seconds 60, track by_src; reference:url,asert.arbornetworks.com/2010/09/another-family-of-ddos-bots-avzhan/; classtype:attempted-dos; sid:2011767; rev:2;)

Added 2011-10-12 19:32:34 UTC


alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET TROJAN Avzhan DDOS Bot Inbound Hardcoded Malformed GET Request Denial Of Service Attack Detected"; flow:established,to_server; content:"GET ^&&%$%$^%$#^&**(((&*^%$##$%^&*(*&^%$%^&.htm"; depth:49; nocase; threshold:type limit, count 1, seconds 60, track by_src; classtype:attempted-dos; reference:url,asert.arbornetworks.com/2010/09/another-family-of-ddos-bots-avzhan/; sid:2011767; rev:2;)

Added 2011-02-04 17:31:33 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats