alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] Nmap Scripting Engine User-Agent Detected (Nmap Scripting Engine)"; content: "User-Agent"; content: "Mozilla/5.0"; content: "Nmap Scripting Engine"; nocase; parse_src_ip: 1; parse_dst_ip: 2; reference:url,doc.emergingthreats.net/2009358; classtype:web-application-attack; sid:5001806; rev:1;)

-- Main.Sagan-Wiki-Add - 2015-10-21

New revisions of 5001806 will be below...

alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORT (msg: "[WEB-ATTACKS] Nmap Scripting Engine User-Agent Detected - Nmap Scripting Engine"; content: "User-Agent"; content: "Mozilla/5.0"; content: "Nmap Scripting Engine"; nocase; parse_src_ip: 1; parse_dst_ip: 2; reference:url,doc.emergingthreats.net/2009358; classtype:web-application-attack; sid:5001806; rev:2;)

-- Main.Sagan-Wiki-Add - 2016-8-30

Topic revision: r1 - 2015-10-21 - Sagan-Wiki-Add
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback