SHARE
TWEET

Snort rules for Hola

a guest Jun 3rd, 2015 496 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network encrypted handshake"; content:"|ac 2e bf 5c|"; offset:0; depth:4; classtype:trojan-activity; sid:500001; rev:2; )
  2. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network PCLR"; content:"PCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500002; rev:2; )
  3. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZCLR"; content:"ZCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500003; rev:2; )
  4. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZPNG"; content:"ZPNG"; offset:0; depth:4; classtype:trojan-activity; sid:500004; rev:2; )
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top