#alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET POLICY Outbound MSSQL Connection to Standard port (1433)"; flow:to_server,established; content:"|12 01 00|"; depth:3; content:"|00 00 00 00 00 00 15 00 06 01 00 1b 00 01 02 00 1c 00|"; distance:1; within:18; content:"|03 00|"; distance:1; within:2; content:"|00 04 ff 08 00 01 55 00 00 00|"; distance:1; within:10; flowbits:set,ET.MSSQL; classtype:bad-unknown; sid:2013410; rev:4; metadata:created_at 2011_08_15, updated_at 2011_08_15;)

Added 2017-08-07 21:06:42 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET POLICY Outbound MSSQL Connection to Standard port (1433)"; flow:to_server,established; content:"|12 01 00|"; depth:3; content:"|00 00 00 00 00 00 15 00 06 01 00 1b 00 01 02 00 1c 00|"; distance:1; within:18; content:"|03 00|"; distance:1; within:2; content:"|00 04 ff 08 00 01 55 00 00 00|"; distance:1; within:10; flowbits:set,ET.MSSQL; classtype:bad-unknown; sid:2013410; rev:4;)

Added 2012-01-04 10:02:42 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET POLICY Outbound MSSQL Connection to Standard port (1433)"; flow:to_server,established; content:"|12 01 00 29 00 00 00 00 00 00 15 00 06 01 00 1b 00 01 02 00 1c 00 01 03 00 1d 00 04 ff 08 00 01 55 00 00 00 00|"; depth:37; flowbits:set,ET.MSSQL; classtype:bad-unknown; sid:2013410; rev:3;)

Added 2011-10-12 19:36:47 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET POLICY Outbound MSSQL Connection to Standard port (1433)"; flow:to_server,established; content:"|12 01 00 29 00 00 00 00 00 00 15 00 06 01 00 1b 00 01 02 00 1c 00 01 03 00 1d 00 04 ff 08 00 01 55 00 00 00 00|"; depth:37; flowbits:set,ET.MSSQL; classtype:bad-unknown; sid:2013410; rev:3;)

Added 2011-08-15 19:51:59 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 1433 (msg:"ET POLICY Outbound MSSQL Connection to Standard port (1433)"; flow:to_server,established; content:"|12 01 00 29 00 00 00 00 00 00 15 00 06 01 00 1b 00 01 02 00 1c 00 01 03 00 1d 00 04 ff 08 00 01 55 00 00 00 00|"; depth:37; flowbits:set,ET.MSSQL; classtype:bad-unknown; sid:2013410; rev:3;)

Added 2011-08-15 19:20:20 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats