""ET INFO MySQL Database Query Version OS compile""
SID: 2015994
Revision: 2
Class Type: misc-activity
Metadata: created_at 2012_12_06, updated_at 2012_12_06
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $SQL_SERVERS
Destination Port: 3306
Flow: to_server,established
Contents:
-
Value: "|03|" Depth: 4 Offset: 3
-
Value: "select |40 40|version_compile_os"
Within:
PCRE: "/SELECT @@version_compile_os\s*?\x3b/i"
Special Options:
- nocase