SID 1:45983

Report a false positive

Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER Sandvine PacketLogic http redirection attempt

Rule Explanation

This event is generated when Sandvine PacketLogic attempts redirection to a site potentially hosting unwanted applications Impact: Unintended redirection to website potentially hosting malicious software Details: CitizenLab has reported various governments/ISPs utilizing Sandvine PacketLogic appliance to redirect users attempting to download certain applications to another website hosting applications embedded with additional spyware. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group, Yaser

Rule Groups

No rule groups

CVE

None

Additional Links

citizenlab.ca/2018/03/bad-traffic-sandvines-packetlogic-devices-deploy-government-spyware-turkey-syria
github.com/citizenlab/badtraffic

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None