# Sagan rule sid 5003063 (rev 1): raises a denial-of-service alert for WatchGuard
# syslog messages that carry msg_id="3000-0160", described by the rule's msg as an
# IPv4 DDoS attack against a server.
#
# content: |22| is the hex escape for a double quote, so the match is the literal
#   string msg_id="3000-0160". No nocase option is given, so the match is
#   case-sensitive.
# parse_src_ip: 1 / parse_dst_ip: 2: the alert's source and destination are taken
#   from the first and second IP addresses found in the message text, and
#   parse_proto takes the protocol from the message as well.
#   NOTE(review): confirm against a sample 3000-0160 log line that the first
#   address is the attacking host and the second is the protected server;
#   otherwise the alert's direction is reversed.
# NOTE(review): the rule has no threshold/after option, so every matching log line
#   produces an alert. During a sustained flood this may bury other events;
#   consider rate-limiting alerts per destination.
# NOTE(review): "program: WatchGuard*" depends on how the appliance fills the
#   syslog program field; verify it against real log output so the rule does not
#   silently stop matching.
alert syslog $EXTERNAL_NET any -> $HOME_NET any (msg: "[WATCHGUARD] IPv4 DDOS attack against a server was detected"; program: WatchGuard*; content: "msg_id=|22|3000-0160|22|"; parse_proto; parse_src_ip: 1; parse_dst_ip: 2; classtype: denial-of-service; reference:url,www.watchguard.com/help/docs/wsm/XTM_11/en-US/log_catalog/index.html; sid:5003063; rev: 1;)
-- Main.Sagan-Wiki-Add - 2017-3-20
New revisions of 5003063 will be below...