ET COMPROMISED Known Compromised or Hostile Host Traffic group 1

SID: 2500000Rev: 763516 views
History
Sourceet/open
CreatedApril 28, 2011
UpdatedMay 26, 2026
Classificationmisc-attack
alert ip [103.147.14.125,103.210.22.17,103.228.36.205,104.155.110.106,104.155.127.59,104.155.27.113,104.155.78.140,104.199.19.60,104.199.25.101,104.199.5.111,104.199.85.216,104.252.175.235,104.36.21.137,107.175.212.220,107.189.24.162,107.189.24.77,110.43.37.72,111.170.34.11,112.185.143.13,112.203.68.87,112.203.69.89,113.53.185.70,115.140.161.61,116.110.12.22,116.110.13.197,116.110.145.122,116.110.146.125,116.110.147.23,116.110.147.30,116.110.14.96] any -> $HOME_NET any (msg:"ET COMPROMISED Known Compromised or Hostile Host Traffic group 1"; reference:url,danger.rulez.sk/projects/bruteforceblocker/blist.php; threshold:type limit, track by_src, seconds 60, count 1; classtype:misc-attack; sid:2500000; rev:7635; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag COMPROMISED, signature_severity Major, created_at 2011_04_28, updated_at 2026_05_26;)

References

urldanger.rulez.sk/projects/bruteforceblocker/blist.php

Metadata

affected productAny
attack targetAny
deploymentPerimeter
tagCOMPROMISED
signature severityMajor
created at2011_04_28
updated at2026_05_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!