ET HUNTING NOP Sled in HTTP Header Inbound - Possible Exploit Activity - Suricata Rule 2033430 (et/open)

ET HUNTING NOP Sled in HTTP Header Inbound - Possible Exploit Activity

SID: 2033430Rev: 10 viewsHistory

Sourceet/open

CreatedJuly 26, 2021

UpdatedJuly 26, 2021

Classificationbad-unknown

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET HUNTING NOP Sled in HTTP Header Inbound - Possible Exploit Activity"; flow:established,to_server; http.header; content:"|90 90 90 90 90 90 90 90 90 90 90|"; fast_pattern; classtype:bad-unknown; sid:2033430; rev:1; metadata:created_at 2021_07_26, confidence Medium, signature_severity Minor, tag possible_exploitation, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_07_26;)

Metadata

created at2021_07_26

confidenceMedium

signature severityMinor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2021_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!