ET POLICY CCProxy in use remotely - Possibly Hostile/Malware - Suricata Rule 2007576 (et/open)

ET POLICY CCProxy in use remotely - Possibly Hostile/Malware

SID: 2007576Rev: 50 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedMay 4, 2023

Classificationmisc-activity

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET POLICY CCProxy in use remotely - Possibly Hostile/Malware"; flow:established,to_client; content:" 200 Connection established|0d 0a|Proxy-agent|3a| CCProxy "; depth:58; reference:url,www.youngzsoft.net; classtype:misc-activity; sid:2007576; rev:5; metadata:created_at 2010_07_30, deployment Perimeter, deprecation_reason Age, performance_impact Low, confidence Low, signature_severity Minor, updated_at 2023_05_04;)

References

url	www.youngzsoft.net

Metadata

created at2010_07_30

deploymentPerimeter

deprecation reasonAge

performance impactLow

confidenceLow

signature severityMinor

updated at2023_05_04

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!