mirror of
https://github.com/BlackLight/Snort_AIPreproc.git
synced 2024-11-16 21:37:15 +01:00
15 lines
432 B
XML
15 lines
432 B
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE hyperalert PUBLIC "-//blacklight//DTD HYPERALERT SNORT MODEL//EN" "http://0x00.ath.cx/hyperalert.dtd">
|
||
|
|
||
|
<hyperalert>
|
||
|
<snort-id>1.1147.10</snort-id>
|
||
|
<desc>WEB-MISC cat%20 access</desc>
|
||
|
|
||
|
<pre>HostExists(+DST_ADDR+)</pre>
|
||
|
<pre>HasService(+DST_ADDR+, +DST_PORT+)</pre>
|
||
|
<pre>HasHttpInfo(+SRC_ADDR+, +DST_ADDR+)</pre>
|
||
|
|
||
|
<post>HasFileInfo(+SRC_ADDR+, +DST_ADDR+)</post>
|
||
|
</hyperalert>
|
||
|
|