Difference between revisions of "WAF 360002"
From Atomicorp Wiki
m |
|||
| (One intermediate revision by one user not shown) | |||
| Line 20: | Line 20: | ||
[[WAF_360003]] | [[WAF_360003]] | ||
| + | |||
| + | [[WAF_360004]] | ||
| + | |||
| + | [[WAF_360005]] | ||
| + | |||
| + | [[WAF_360009]] | ||
'''Outside References''' | '''Outside References''' | ||
Latest revision as of 17:55, 4 May 2010
Rule ID
360002
Alert Message
Atomicorp.com Malware Blacklist: Malware Site detected in ARGS/Body (AE)
Description
This rules detects if a POST to the system contains a known malware domain.
False Positives
There are no known False Positives for this, however if you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system and that you not disable this rule until our security team has reviewed the attack. Instructions to report false positives are detailed on the Reporting False Positives wiki page.
Similar Rules
Outside References
