alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; metadata: former_category POLICY; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:3; metadata:created_at 2014_08_01, updated_at 2018_06_12;)

Added 2018-09-13 19:49:05 UTC


Added 2018-09-13 17:58:52 UTC


alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; metadata: former_category POLICY; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:3; metadata:created_at 2014_08_01, updated_at 2018_06_12;)

Added 2018-06-12 18:13:34 UTC


alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; metadata: former_category POLICY; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:2; metadata:created_at 2014_08_01, updated_at 2017_03_28;)

Added 2017-08-07 21:13:01 UTC


alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:2;)

Added 2017-05-05 16:58:53 UTC


alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; metadata: former_category POLICY; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:2;)

Added 2017-05-03 17:35:15 UTC


alert udp any any -> any 53 (msg:"ET POLICY DNS Query to .onion proxy Domain (onion.cab)"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:2;)

Added 2017-03-28 17:13:11 UTC


alert udp any any -> any 53 (msg:"ET POLICY onion.cab .onion Proxy DNS lookup"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|05|onion|03|cab|00|"; fast_pattern; nocase; reference:md5,de81fab8ec96bef76db828f4c1a42e4d; classtype:policy-violation; sid:2018876; rev:1;)

Added 2014-08-01 17:49:10 UTC


Topic revision: r1 - 2018-09-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats