[Snort-sigs] Fw: Snort Rules

alex dina alexander_dina at ...144...
Thu Feb 14 17:28:30 EST 2013



 
Alex Dina 
Network Security Engineer, CISSP, CISM 
301-404-5312

----- Forwarded Message -----
From: alex dina <alexander_dina at ...144...>
To: "Snort-sigs at lists.sourceforge.net" <Snort-sigs at lists.sourceforge.net> 
Sent: Thursday, February 14, 2013 2:07 PM
Subject: Snort Rules 
 


Also, can you please explain what these rule are looking for in a data packet? Thank you!


alert tcp any any -> any any (msg:"Taidoor trojan -
notify Threat Cell"; content:"GET /"; content:".asp?est=";
content:"&hn="; content:"&ha="; sid:4200455;
rev:1;)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20130214/16a156a2/attachment.html>


More information about the Snort-sigs mailing list