Rule History

alert tcp $EXTERNAL_NET any -> $HOME_NET [23,2323] (msg:"ET MALWARE Linux.Mirai Login Attempt (xc3511)"; flow:to_server,established; content:"xc3511|0d 0a|"; dsize:8; reference:url,www.flashpoint-intel.com/when-vulnerabilities-travel-downstream; classtype:trojan-activity; sid:2023333; rev:4; metadata:affected_product DVR, attack_target IoT, created_at 2016_10_10, deployment Datacenter, malware_family ddos_bot, performance_impact Low, confidence High, signature_severity Major, updated_at 2019_07_26;)