#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED SSL MiTM? Vulnerable or EOL iOS 3.x device"; flow:established,to_server; content:"Mozilla/5.0 (iP"; http_header; content:" OS 3_"; http_header; distance:0; threshold:type limit, count 1, seconds 600, track by_src; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4824; reference:url,en.wikipedia.org/wiki/IOS_version_history; classtype:not-suspicious; sid:2013334; rev:3;)

Added 2011-10-12 19:36:37 UTC

#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED SSL MiTM? Vulnerable or EOL iOS 3.x device"; flow:established,to_server; content:"Mozilla/5.0 (iP"; http_header; content:" OS 3_"; http_header; distance:0; threshold:type limit, count 1, seconds 600, track by_src; classtype:not-suspicious; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4824; reference:url,en.wikipedia.org/wiki/IOS_version_history; sid:2013334; rev:3;)

Added 2011-09-27 22:24:16 UTC

#alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET DELETED SSL MiTM? Vulnerable or EOL iOS 3.x device"; flow:established,to_server; content:"Mozilla/5.0 (iP"; http_header; content:" OS 3_"; http_header; distance:0; classtype:not-suspicious; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4824; reference:url,en.wikipedia.org/wiki/IOS_version_history; sid:2013334; rev:2;)

Added 2011-09-20 19:24:28 UTC

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY SSL MiTM? Vulnerable or EOL iOS 3.x device"; flow:established,to_server; content:"Mozilla/5.0 (iP"; http_header; content:" OS 3_"; http_header; distance:0; classtype:not-suspicious; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4824; reference:url,en.wikipedia.org/wiki/IOS_version_history; sid:2013334; rev:2;)

Added 2011-07-29 20:54:27 UTC