ET DOS High Orbit Ion Cannon (HOIC) Attack Inbound Generic Detection Double Spaced UA

SID: 2014153Rev: 90 views
History
Sourceet/open
CreatedJanuary 28, 2012
UpdatedMarch 11, 2024
Classificationattempted-dos
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DOS High Orbit Ion Cannon (HOIC) Attack Inbound Generic Detection Double Spaced UA"; flow:established,to_server; http.header.raw; content:"User-Agent|3a 20 20|"; fast_pattern; threshold:type both, track by_src, count 225, seconds 60; reference:url,blog.spiderlabs.com/2012/01/hoic-ddos-analysis-and-detection.html; classtype:attempted-dos; sid:2014153; rev:9; metadata:created_at 2012_01_28, confidence Medium, signature_severity Major, updated_at 2024_03_11;)

References

urlblog.spiderlabs.com/2012/01/hoic-ddos-analysis-and-detection.html

Metadata

created at2012_01_28
confidenceMedium
signature severityMajor
updated at2024_03_11

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!