blob: 068b14e33cc7a93098f9f8f6afc040b85b1cd0d0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
FTP/FTP-DATA Keywords
=====================
ftpdata_command
---------------
Filter ftp-data channel based on command used on the FTP command channel.
Currently supported commands are RETR (get on a file) and STOR (put on a
file).
Syntax::
ftpdata_command:(retr|stor)
Examples::
ftpdata_command:retr
ftpdata_command:stor
Signature example::
alert ftp-data any any -> any any (msg:"FTP store password"; filestore; filename:"password"; ftpdata_command:stor; sid:3; rev:1;)
ftpbounce
---------
Detect FTP bounce attacks.
Syntax::
ftpbounce
|
