Version DetailsCurrent
Rev: 6 • Sep 25, 2025, 2:40 PMPOLICY [PTsecurity] TOR cert FB set FB0_01
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"POLICY [PTsecurity] TOR cert FB set FB0_01"; flow:established, to_client; content:"|3082|"; depth:300; content:"|308201|"; distance:2; within:3; content:"|a00302010202|"; distance:1; within:6; content:"|7777|"; distance:38; within:2; fast_pattern; flowbits:set, FB0_01; flowbits:noalert; reference:url, rules.ptsecurity.com; classtype:policy-violation; sid:10001844; rev:6;)
Sep 25, 2025, 2:40 PM
Feb 13, 2026, 2:43 PM
Oct 16, 2025, 10:34 AM
Mar 2, 2026, 1:34 PM
rules/ptopen-info.rules