Removed rule. This rule is known, but it is no longer present in its source. Showing the last known version.Removed: Jul 15, 2026, 8:24 PM

ET COMPROMISED Known Compromised or Hostile Host Traffic group 21

7.0.35.0SID: 2500040Rev: 7684EnabledDerived13 viewsHistory
Sourceet/open
Filecompromised.rules
CreatedApril 28, 2011
UpdatedJuly 14, 2026
Classificationmisc-attack
alert ip [5.175.218.27,5.196.106.17,52.37.240.15,52.8.62.56,54.176.88.231,54.193.112.103,54.218.230.32,54.241.51.216,54.67.123.96,58.48.53.254,59.110.9.189,61.19.69.203,61.84.211.107,64.226.126.224,64.89.161.91,65.49.139.223,66.84.102.162,68.183.204.19,70.40.138.199,71.206.190.209,75.127.3.239,77.83.246.97,77.90.185.20,79.72.57.232,80.225.238.77,80.239.137.110,80.245.74.37,80.78.218.84,80.94.92.178,8.129.135.162] any -> $HOME_NET any (msg:"ET COMPROMISED Known Compromised or Hostile Host Traffic group 21"; reference:url,danger.rulez.sk/projects/bruteforceblocker/blist.php; threshold:type limit, track by_src, seconds 60, count 1; classtype:misc-attack; sid:2500040; rev:7684; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag COMPROMISED, signature_severity Major, created_at 2011_04_28, updated_at 2026_07_14;)

Metadata

affected productAny
attack targetAny
deploymentPerimeter
tagCOMPROMISED
signature severityMajor
created at2011_04_28
updated at2026_07_14

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!