asdasdasd

1. alert http $EXTERNAL_NET any -> $HOME_NET [8083, 8443] (msg:"HTTP traffic to 8083 or 8443 port detected";classtype:suspicious;sid:001;rev:1;)
2. alert tcp $EXTERNAL_NET any -> $HOME_NET 3336 (msg:"mysql traffic to 3336 port detected";classtype:suspicious;sid:002;rev:1;)
3. alert tcp $EXTERNAL_NET any -> $HOME_NET 2288 (msg:"ssh traffic to 2288 detected";app-layer-protocol:ssh;classtype:suspicious;sid:003;rev:1;)
4. alert tcp $EXTERNAL_NET any -> $HOME_NET 2288 (msg:"ftp traffic to 2288 detected";app-layer-protocol:ftp;classtype:suspicious;sid:004;rev:1;)