ET MALWARE Double HTTP/1.1 Header Outbound - Likely Infected or Hostile Traffic - Suricata Rule 2013745 (et/open)

ET MALWARE Double HTTP/1.1 Header Outbound - Likely Infected or Hostile Traffic

SID: 2013745Rev: 52 viewsHistory

Sourceet/open

CreatedOctober 5, 2011

UpdatedJuly 26, 2019

Classificationbad-unknown

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET MALWARE Double HTTP/1.1 Header Outbound - Likely Infected or Hostile Traffic"; flow:established,to_server; content:" HTTP/1.1|20|HTTP/1.1|0d 0a|"; depth:300; classtype:bad-unknown; sid:2013745; rev:5; metadata:created_at 2011_10_05, confidence Medium, signature_severity Major, updated_at 2019_07_26;)

Metadata

created at2011_10_05

confidenceMedium

signature severityMajor

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!