Advertisement
Guest User

Snort rules for Hola

a guest
Jun 3rd, 2015
1,642
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.62 KB | None | 0 0
  1. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network encrypted handshake"; content:"|ac 2e bf 5c|"; offset:0; depth:4; classtype:trojan-activity; sid:500001; rev:2; )
  2. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network PCLR"; content:"PCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500002; rev:2; )
  3. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZCLR"; content:"ZCLR"; offset:0; depth:4; classtype:trojan-activity; sid:500003; rev:2; )
  4. alert tcp any any -> any any (msg:"VECTRA TROJAN Zon Network ZPNG"; content:"ZPNG"; offset:0; depth:4; classtype:trojan-activity; sid:500004; rev:2; )
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement