ET VOIP Possible Misuse Call from Cisco ooh323

7.0.35.0SID: 2021066Rev: 3Enabled1 views
Sourceet/open
Fileemerging-voip.rules
CreatedMay 7, 2015
UpdatedMarch 6, 2024
Classificationmisc-attack
alert tcp $EXTERNAL_NET any -> $HOME_NET 1720 (msg:"ET VOIP Possible Misuse Call from Cisco ooh323"; flow:established,to_server; content:"|28 06|cisco|00|"; offset:14; depth:8; content:"|b8 00 00 27 05|ooh323|06|"; within:60; reference:url,videonationsltd.co.uk/2015/04/h-323-cisco-spam-calls/; classtype:misc-attack; sid:2021066; rev:3; metadata:created_at 2015_05_07, confidence Medium, signature_severity Informational, updated_at 2024_03_06;)

Metadata

created at2015_05_07
confidenceMedium
signature severityInformational
updated at2024_03_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!