alert syslog $HOME_NET any -> $EXTERNAL_NET any (msg:"[SONICWALL] Intrusion Detection - RST Flood"; content: "RST"; content: "Flooding machine"; classtype: attempted-dos; parse_src_ip: 1; parse_dst_ip: 2; reference: url,www.sonicwall.com/downloads/SonicOS_Log_Event_Reference_Guide.pdf; sid:5002710; rev: 2; )
-- Main.Sagan-Wiki-Add - 2016-8-30
New revisions of 5002710 will be below...
alert any $HOME_NET any -> $EXTERNAL_NET any (msg:"[SONICWALL] Intrusion Detection - RST Flood"; content: "RST"; content: "Flooding machine"; classtype: attempted-dos; parse_src_ip: 1; parse_dst_ip: 2; reference: url,www.sonicwall.com/downloads/SonicOS_Log_Event_Reference_Guide.pdf; sid:5002710; rev:3;)
-- Main.Sagan-Wiki-Add - 2021-4-12