mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
557 B
ReStructuredText
32 lines
557 B
ReStructuredText
FTP/FTP-DATA Keywords
|
|
=====================
|
|
|
|
ftpdata_command
|
|
---------------
|
|
|
|
Filter ftp-data channel based on command used on the FTP command channel.
|
|
Currently supported commands are RETR (get on a file) and STOR (put on a
|
|
file).
|
|
|
|
Syntax::
|
|
|
|
ftpdata_command:(retr|stor)
|
|
|
|
Examples::
|
|
|
|
ftpdata_command:retr
|
|
ftpdata_command:stor
|
|
|
|
Signature example::
|
|
|
|
alert ftp-data any any -> any any (msg:"FTP store password"; filestore; filename:"password"; ftpdata_command:stor; sid:3; rev:1;)
|
|
|
|
ftpbounce
|
|
---------
|
|
|
|
Detect FTP bounce attacks.
|
|
|
|
Syntax::
|
|
|
|
ftpbounce
|