ET MALWARE Yoyo-DDoS Bot HTTP Flood Attack Inbound

7.0.35.0SID: 2011402Rev: 7Disabled1 views
Sourceet/open
Fileemerging-malware.rules
CreatedSeptember 28, 2010
UpdatedApril 9, 2024
Classificationdenial-of-service
alert http1 $EXTERNAL_NET any -> $HOME_NET any (msg:"ET MALWARE Yoyo-DDoS Bot HTTP Flood Attack Inbound"; flow:established,to_server; http.header; content:"|0d 0a|Accept-Encoding|3a 20|g|7b|ip|2c 20|deflate|0d 0a|"; http.connection; bsize:10; content:"Keep|2D|Alivf"; fast_pattern; threshold:type limit, count 5, seconds 60, track by_src; reference:url,asert.arbornetworks.com/2010/08/yoyoddos-a-new-family-of-ddos-bots/; classtype:denial-of-service; sid:2011402; rev:7; metadata:created_at 2010_09_28, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_09;)

Metadata

created at2010_09_28
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_04_09

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!