MALWARE-BACKDOOR -- Snort has detected suspicious communication traffic unrelated to commands, such as exfiltration of data from the infected machine, especially larger chunks of data.
MALWARE-BACKDOOR lamespy runtime detection - initial connection - set flowbit
This rule does not generate an event. It is used in conjunction with other rules to either reduce the possibility of false positives from occurring or to track the state of a connection. Impact: None. Details: This rule does not generate an event. It is used in conjunction with other rules to either reduce the possibility of false positives from occurring or to track the state of a connection. This rule is used by the sid(s) 6308. Ease of Attack: NA
No information provided
No public information
No known false positives
Cisco Talos
No rule groups
None
No information provided
None