Versions (3)
Version DetailsCurrent
Rev: 5 • Jul 30, 2010, 12:00 PMET POLICY CCProxy in use remotely - Possibly Hostile/Malware
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET POLICY CCProxy in use remotely - Possibly Hostile/Malware"; flow:established,to_client; content:" 200 Connection established|0d 0a|Proxy-agent|3a| CCProxy "; depth:58; reference:url,www.youngzsoft.net; classtype:misc-activity; sid:2007576; rev:5; metadata:created_at 2010_07_30, deployment Perimeter, deprecation_reason Age, performance_impact Low, confidence Low, signature_severity Minor, updated_at 2023_05_04;)
Jul 30, 2010, 12:00 PM
May 4, 2023, 12:00 PM
Jul 30, 2010, 12:00 PM
Sep 13, 2024, 3:01 PM
rules/emerging-policy.rules