Versions (3)
Version DetailsCurrent
Rev: 6 • Apr 28, 2012, 12:00 PMET EXPLOIT RuggedCom Banner with MAC (SET)
alert tcp $HOME_NET 23 -> $EXTERNAL_NET any (msg:"ET EXPLOIT RuggedCom Banner with MAC (SET)"; flow:established,to_client; flowbits:set,ET.RUGGED.BANNER; content:"Rugged Operating System"; fast_pattern; content:"Copyright |28|c|29| RuggedCom"; distance:0; content:"MAC Address|3A|"; distance:0; reference:url,www.exploit-db.com/exploits/18779/; reference:url,arstechnica.com/business/news/2012/04/backdoor-in-mission-critical-hardware-threatens-power-traffic-control-systems.ars; classtype:attempted-recon; sid:2014645; rev:6; metadata:attack_target Networking_Equipment, created_at 2012_04_28, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, updated_at 2023_04_24;)
Apr 28, 2012, 12:00 PM
Apr 24, 2023, 12:00 PM
Apr 28, 2012, 12:00 PM
Sep 10, 2024, 9:00 PM
rules/emerging-exploit.rules