Guest User

Snort rules for Hola

a guest
Jun 3rd, 2015
820
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network encrypted handshake"; content:"|ac 2e bf 5c|"; offset:0; depth:4; classtype:trojan-activity; sid:500001; rev:2; )
  2. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network PCLR"; content:"PCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500002; rev:2; )
  3. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZCLR"; content:"ZCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500003; rev:2; )
  4. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZPNG"; content:"ZPNG"; offset:0; depth:4; classtype:trojan-activity; sid:500004; rev:2; )
RAW Paste Data