ET FILE_SHARING Commonly Abused File Sharing Site Domain Observed (sendspace .com in TLS SNI)

7.0.35.0SID: 2035146Rev: 3Enabled1 views
Sourceet/open
Fileemerging-file_sharing.rules
CreatedFebruary 8, 2022
UpdatedJune 12, 2024
Classificationmisc-activity
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET FILE_SHARING Commonly Abused File Sharing Site Domain Observed (sendspace .com in TLS SNI)"; flow:established,to_server; tls.sni; bsize:13; content:"sendspace.com"; fast_pattern; reference:url,www.ic3.gov/Media/News/2022/220204.pdf; classtype:misc-activity; sid:2035146; rev:3; metadata:created_at 2022_02_08, former_category INFO, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_06_12;)

Metadata

created at2022_02_08
former categoryINFO
confidenceHigh
signature severityInformational
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_06_12

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!