Rule History

SID: 2015500 • Source: et/open

Versions (3)

Version DetailsCurrent

Rev: 4 • Jul 21, 2012, 12:00 PM

Message:

ET POLICY Geo Location IP info online service (geoiptool.com)

Rule:

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Geo Location IP info online service (geoiptool.com)"; flow:established,to_server; urilen:1; http.method; content:"GET"; http.host; content:"geoiptool.com"; endswith; reference:md5,04f02d7fea812ef78d2340015c5d768e; classtype:policy-violation; sid:2015500; rev:4; metadata:created_at 2012_07_21, confidence High, signature_severity Informational, updated_at 2020_04_22;)

Created:

Jul 21, 2012, 12:00 PM

Updated:

Apr 22, 2020, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-policy.rules