EmergingThreats> Main Web>2008389 (revision 1)EditAttach

alert tcp $HOME_NET any -> $EXTERNAL_NET 3128 (msg:"ET TROJAN Likely Hupigon Post to Controller"; flow:established,to_server; content:"POST /+"; depth:7; flowbits:noalert; flowbits:set,ET.Hupinit1; reference:url,www.f-secure.com/v-descs/backdoor_w32_hupigon.shtml; classtype:trojan-activity; sid:2008389; rev:1;)

Added 2008-07-09 15:35:40 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2008-07-09 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats