Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- alert tcp [150.249.227.160/28,153.231.215.8/29,153.231.216.176/29,153.231.216.184/29,153.231.216.216/29,153.231.226.160/29,153.231.226.168/29,153.231.227.192/29 ,153.231.227.208/29,153.231.227.216/29,153.231.227.224/29] any -> any any (msg:"NICT NOTICE device investigation traffic detected"; classtype:attempted-recon; sid:190200; rev:1; priority:3)
- alert tcp [150.249.227.160/28,153.231.215.8/29,153.231.216.176/29,153.231.216.184/29,153.231.216.216/29,153.231.226.160/29,153.231.226.168/29,153.231.227.192/29 ,153.231.227.208/29,153.231.227.216/29,153.231.227.224/29] any -> any any (msg:"NICT NOTICE device investigation traffic detected - Established"; flow:established,to_server; classtype:attempted-recon; rev:1; sid:190201; priority:2)
- alert tcp [150.249.227.160/28,153.231.215.8/29,153.231.216.176/29,153.231.216.184/29,153.231.216.216/29,153.231.226.160/29,153.231.226.168/29,153.231.227.192/29 ,153.231.227.208/29,153.231.227.216/29,153.231.227.224/29] any <-> any any (msg:"NICT NOTICE device investigation traffic detected - SYN ACK"; flags:AS; classtype:attempted-recon; sid:190202; rev:1; priority:2)
- alert tcp [150.249.227.160/28,153.231.215.8/29,153.231.216.176/29,153.231.216.184/29,153.231.216.216/29,153.231.226.160/29,153.231.226.168/29,153.231.227.192/29 ,153.231.227.208/29,153.231.227.216/29,153.231.227.224/29] any <-> any 80 (msg:"NICT NOTICE device investigation traffic detected - HTTP"; flags:AS; classtype:attempted-recon; sid:190203; rev:1; priority:2)
- alert tcp [150.249.227.160/28,153.231.215.8/29,153.231.216.176/29,153.231.216.184/29,153.231.216.216/29,153.231.226.160/29,153.231.226.168/29,153.231.227.192/29 ,153.231.227.208/29,153.231.227.216/29,153.231.227.224/29 ] any <-> any 22:23 (msg:"NICT MPTICE device investigation traffic detected - Remote Shell"; flags:AS; classtype:attempted-recon; sid:190204; rev:1; priority:2)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
