""ET POLICY External Oracle T3 Requests Inbound""
SID: 2030129
Revision: 2
Class Type: policy-violation
Metadata: attack_target Server, created_at 2020_05_08, deployment Perimeter, performance_impact Low, signature_severity Informational, updated_at 2020_05_08
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HTTP_SERVERS
Destination Port: any
Flow: established,to_server
Contents:
-
Value: "t3|20|" Depth: 3
-
Value: "|0a|AS|3a|"
-
Value: "|0a|HL|3a|"
-
Value: "|0a 0a|"
Within:
PCRE:
Special Options:
- fast_pattern