ET DOS Terse HTTP GET Likely AnonMafiaIC DDoS tool

7.0.35.0SID: 2019348Rev: 3Enabled2 views
Sourceet/open
Fileemerging-dos.rules
CreatedOctober 3, 2014
UpdatedMarch 6, 2024
Classificationattempted-dos
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET DOS Terse HTTP GET Likely AnonMafiaIC DDoS tool"; flow:established,to_server; dsize:20; content:"GET / HTTP/1.0|0d 0a 0d 0a 0d 0a|"; depth:20; threshold:type both,track by_dst,count 500,seconds 60; classtype:attempted-dos; sid:2019348; rev:3; metadata:created_at 2014_10_03, confidence Medium, signature_severity Major, updated_at 2024_03_06;)

Metadata

created at2014_10_03
confidenceMedium
signature severityMajor
updated at2024_03_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!