Versions (2)
Version DetailsCurrent
Rev: 5 • Jul 30, 2011, 12:00 PMET DELETED SSL MiTM Vulnerable or EOL iOS 4.x device
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET DELETED SSL MiTM Vulnerable or EOL iOS 4.x device"; flow:established,to_server; content:"Mozilla/5.0 (iP"; http_header; content:" OS 4_"; http_header; distance:0; pcre:"/OS 4_[0-3]_[1-4] like/H"; threshold:type limit, count 1, seconds 600, track by_src; reference:url,support.apple.com/kb/HT1222; reference:url,support.apple.com/kb/HT4824; reference:url,en.wikipedia.org/wiki/IOS_version_history; classtype:not-suspicious; sid:2013335; rev:5; metadata:created_at 2011_07_30, signature_severity Unknown, updated_at 2019_07_26;)
Jul 30, 2011, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-deleted.rules