Rule History

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Optix Pro Trojan/Keylogger Reporting Installation via HTTP-Email Post"; flow:established,to_server; http.method; content:"POST"; nocase; http.request_body; content:"to="; content:"Optix Pro v"; content:" Server Online"; reference:url,en.wikipedia.org/wiki/Optix_Pro; classtype:trojan-activity; sid:2008218; rev:8; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_04_21;)