ET USER_AGENTS EmailSiphon Suspicious User-Agent Inbound

SID: 2013032Rev: 41 views
History
Sourceet/open
CreatedJune 14, 2011
UpdatedOctober 13, 2020
Classificationattempted-recon
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET USER_AGENTS EmailSiphon Suspicious User-Agent Inbound"; flow:established,to_server; http.user_agent; content:"EmailSiphon"; nocase; depth:11; reference:url,www.useragentstring.com/pages/useragentstring.php; classtype:attempted-recon; sid:2013032; rev:4; metadata:affected_product Any, attack_target Client_Endpoint, created_at 2011_06_14, deployment Perimeter, confidence High, signature_severity Major, tag User_Agent, updated_at 2020_10_13;)

References

urlwww.useragentstring.com/pages/useragentstring.php

Metadata

affected productAny
attack targetClient_Endpoint
created at2011_06_14
deploymentPerimeter
confidenceHigh
signature severityMajor
tagUser_Agent
updated at2020_10_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!