alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"ET TROJAN W32/Simbot.Backdoor Checkin"; flow:established,to_server; content:"GET /rclgx.php?id="; depth:18; reference:md5,a4edc9d31bc0ad763b3424e9306f4d7c; classtype:trojan-activity; sid:2014719; rev:1;)

Added 2012-05-07 21:36:05 UTC


Topic revision: r1 - 2012-05-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats