https://community.cisco.com/t5/network-security/custom-signature-to-detect-malicious-javascript/m-p/896584#M84969 <HTML><HEAD></HEAD><BODY><P>You can find information on using the custom signature wizard here: <A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080618a2a.html" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080618a2a.html</A></P><P></P><P>-- Shiva</P></BODY></HTML> Fri, 11 Jan 2008 15:40:16 GMT shivapd 2008-01-11T15:40:16Z https://community.cisco.com/t5/network-security/custom-signature-to-detect-malicious-javascript/m-p/896583#M84967 <P>Using "US-CERT Critical Infrastructure Information Notice CIIN-08-005-01 January 05, 2008" as the reference. I'd like to create a custom signature that looks for the string "0.js"</P><P></P><P>The effort is to determine if my webservers have been or will be impacted as we allow SQL querries and injection, but the servers are patched.</P><P></P><P>Thanks</P> Sun, 10 Mar 2019 10:55:52 GMT https://community.cisco.com/t5/network-security/custom-signature-to-detect-malicious-javascript/m-p/896583#M84967 5creedus 2019-03-10T10:55:52Z https://community.cisco.com/t5/network-security/custom-signature-to-detect-malicious-javascript/m-p/896584#M84969 <HTML><HEAD></HEAD><BODY><P>You can find information on using the custom signature wizard here: <A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080618a2a.html" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a0080618a2a.html</A></P><P></P><P>-- Shiva</P></BODY></HTML> Fri, 11 Jan 2008 15:40:16 GMT https://community.cisco.com/t5/network-security/custom-signature-to-detect-malicious-javascript/m-p/896584#M84969 shivapd 2008-01-11T15:40:16Z