ET CURRENT_EVENTS SSL SinkHole Cert Possible Infected Host

SID: 2019503Rev: 30 views
History
Sourceet/open
CreatedOctober 24, 2014
UpdatedApril 23, 2024
Classificationtrojan-activity
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET CURRENT_EVENTS SSL SinkHole Cert Possible Infected Host"; flow:established,to_client; tls.cert_subject; content:"www.kitchensinks.n0t"; nocase; classtype:trojan-activity; sid:2019503; rev:3; metadata:created_at 2014_10_24, confidence Medium, signature_severity Major, updated_at 2024_04_23;)

Metadata

created at2014_10_24
confidenceMedium
signature severityMajor
updated at2024_04_23

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!