EmergingThreats> Main Web>2007611 (revision 1)EditAttach

alert tcp $HOME_NET any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE POLICY Possible Infection Report Mail - Indy Mail lib and No Message Body"; flow:established,to_server; content:"|0d 0a|X-Priority: 1|0d 0a|X-Library: Indy "; content:"|0d 0a 0d 0a 2e 0d 0a|"; within:22; classtype:trojan-activity; sid:2007611; rev:1;)

Added 2007-09-08 11:56:32 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-09-08 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats