[prev in list] [next in list] [prev in thread] [next in thread]
List: bleeding-sigs
Subject: [Bleeding-sigs] Signature for access to gambling site.
From: Frank Knobbe <frank () knobbe ! us>
Date: 2006-09-20 7:51:11
Message-ID: 1158738671.1225.40.camel () localhost
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
I'm sure there are more gambling sites. A good idea to add to POLICY
rules. If you know of other gambling sites, please send them our way.
# Submitted 2006-09-17 by Mark Warren
# This signature was designed to detect access to http://www.bodog.com
# This website contains pornography, gambling, sports and sports related
betting
# The commercials for this website state that portions of the site were
designed
# to bypass security filters.
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"BLEEDING-EDGE
POLICY Porn-Sports-Gambling site designed to bypass restrictions";
flow:to_server,established; content:"Host\:"; nocase; pcre:"/Host\:[^
\n]+\.(bodog|bodogbeat|bodognation|bodogmusic|bodogconference|
bodogpokerchampionships)\.com/i"; reference:url,www.bodog.com;
classtype:policy-violation; sid:2003100; rev:2;)
--=20
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.
["signature.asc" (application/pgp-signature)]
_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigs@bleedingsnort.com
http://lists.bleedingsnort.com/mailman/listinfo/bleeding-sigs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic