Rule History

alert dns $HOME_NET any -> any any (msg:"ET MALWARE Potential DNS Command and Control via TXT queries"; content:"|01 00 00 01 00 00 00 00 00 00|"; depth:10; offset:2; content:"|00 00 10 00 01|"; threshold:type both, track by_src,count 10, seconds 300; reference:url,lists.emergingthreats.net/pipermail/emerging-sigs/2011-September/015625.html; classtype:trojan-activity; sid:2013514; rev:3; metadata:created_at 2011_09_02, deprecation_reason Performance, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_01_03;)