Rule History

SID: 2009004 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 5 • Jul 30, 2010, 12:00 PM

Message:

ET POLICY Login Credentials Possibly Passed in POST Data

Rule:

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET POLICY Login Credentials Possibly Passed in POST Data"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"username="; nocase; content:"password="; fast_pattern; nocase; classtype:policy-violation; sid:2009004; rev:5; metadata:created_at 2010_07_30, confidence High, signature_severity Informational, updated_at 2024_03_05;)

Created:

Jul 30, 2010, 12:00 PM

Updated:

Mar 5, 2024, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-policy.rules