Removed rule. This rule is known, but it is no longer present in its source. Showing the last known version.Removed: Jul 15, 2026, 8:24 PM
ET COMPROMISED Known Compromised or Hostile Host Traffic group 22
Sourceet/open
Filecompromised.rules
CreatedApril 28, 2011
UpdatedJuly 14, 2026
Classificationmisc-attack
alert ip [8.129.29.97,8.130.150.26,8.130.50.191,8.130.85.238,8.134.111.31,8.134.129.191,8.135.56.183,8.136.130.160,8.136.56.76,8.138.181.211,8.138.194.100,8.148.180.11,8.148.228.13,8.148.244.39,8.152.96.110,8.166.134.51,8.210.141.100,82.165.175.206,8.219.164.137,83.194.93.43,87.120.84.66,87.251.66.118,89.23.113.208,92.205.26.151,92.4.76.12,93.89.113.60,94.154.43.181,94.154.43.30,94.154.43.66,94.183.234.128] any -> $HOME_NET any (msg:"ET COMPROMISED Known Compromised or Hostile Host Traffic group 22"; reference:url,danger.rulez.sk/projects/bruteforceblocker/blist.php ; threshold:type limit, track by_src, seconds 60, count 1 ; classtype:misc-attack; sid:2500042; rev:7684; metadata:affected_product Any, attack_target Any, deployment Perimeter, tag COMPROMISED, signature_severity Major, created_at 2011_04_28, updated_at 2026_07_14;)
References
Metadata
affected productAny
attack targetAny
deploymentPerimeter
tagCOMPROMISED
signature severityMajor
created at2011_04_28
updated at2026_07_14
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!