Versions (3)
Version DetailsCurrent
Rev: 6 • Nov 1, 2012, 12:00 PMET SNMP Attempt to retrieve Cisco Config via TFTP (CISCO-CONFIG-COPY)
alert udp any any -> any 161 (msg:"ET SNMP Attempt to retrieve Cisco Config via TFTP (CISCO-CONFIG-COPY)"; content:"|2b 06 01 04 01 09 09 60 01 01 01 01|"; fast_pattern; classtype:policy-violation; sid:2015856; rev:6; metadata:created_at 2012_11_01, confidence Medium, signature_severity Minor, updated_at 2019_10_08;)
Nov 1, 2012, 12:00 PM
Oct 8, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-snmp.rules