[Snort-sigs] Gator spyware detection

Esler, Joel Contractor EslerJ at ...785...
Wed Jul 2 08:05:05 EDT 2003


This is the most basic rule one can get for detecting Gator.com spyware in
the network..

alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"Possible Gator.com
software"; content:"MACHINEID";)

Let me know some results if any..


J




More information about the Snort-sigs mailing list