alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"ET EXPLOIT Potential RoaringBeast? ProFTPd? Exploit Specific (CHMOD 777)"; flow:established,to_server; content:"SITE CHMOD 777 NONEXISTANT"; depth:26; reference:url,www.exploit-db.com/exploits/18181/; reference:url,stopmalvertising.com/malware-reports/the-c3284d-malware-network-stats.php.html; classtype:trojan-activity; sid:2015515; rev:2;)

Added 2012-07-23 21:19:17 UTC


Topic revision: r1 - 2012-07-24 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats