Network Security: Detailed info on [Snort-sigs] Bleedingsnort.com Daily Update

Subject:	[Snort-sigs] Bleedingsnort.com Daily Update
Date:	Thu, 28 Oct 2004 20:00:02 -0500

Subject:

[Snort-sigs] Bleedingsnort.com Daily Update

Date:

Thu, 28 Oct 2004 20:00:02 -0500


[***] Results from Oinkmaster started Thu Oct 28 20:00:02 2004 [***]

[+++]          Added rules:          [+++]

     -> Added to bleeding-inappropriate.rules (4):
        alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( 
msg:"BLEEDING-EDGE INAPPROPRIATE Kiddy Porn childlover"; content:" childlover 
"; nocase; sid:2001389; rev:1;)
        alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( 
msg:"BLEEDING-EDGE INAPPROPRIATE Kiddy Porn pthc"; content:" pthc "; nocase; 
sid:2001386; rev:1;)
        alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( 
msg:"BLEEDING-EDGE INAPPROPRIATE Kiddy Porn r@ygold"; content:" r@ygold "; 
nocase; sid:2001388; rev:1;)
        alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( 
msg:"BLEEDING-EDGE INAPPROPRIATE Kiddy Porn zeps"; content:" zeps "; nocase; 
sid:2001387; rev:1;)

[---]         Removed rules:         [---]

     -> Removed from bleeding-inappropriate.rules (2):
        alert tcp $HOME_NET any -> any !443 (msg:"BLEEDING-EDGE Inappropriate 
Content - Blowjob"; content:" blowjob "; nocase; flow:established; 
classtype:policy-violation; sid:2001354; rev:2;)
        alert tcp $HOME_NET any -> any !443 (msg:"BLEEDING-EDGE Inappropriate 
Content - Pussy"; content:" pussy "; nocase; flow:established; 
classtype:policy-violation; sid:2001357; rev:2;)

[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-inappropriate.rules (1):
        #From Patrick Harper

     -> Added to bleeding-sid-msg.map (4):
        2001386 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn pthc
        2001387 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn zeps
        2001388 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn r@ygold
        2001389 || BLEEDING-EDGE INAPPROPRIATE Kiddy Porn childlover

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (2):
        2001354 || BLEEDING-EDGE Inappropriate Content - Blowjob
        2001357 || BLEEDING-EDGE Inappropriate Content - Pussy

[*] Added files: [*]
    None.



-------------------------------------------------------
This Newsletter Sponsored by: Macrovision 
For reliable Linux application installations, use the industry's leading
setup authoring tool, InstallShield X. Learn more and evaluate 
today. http://clk.atdmt.com/MSI/go/ins0030000001msi/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Bleedingsnort.com Daily Update, (continued) [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt RE: [Snort-sigs] Bleedingsnort.com Daily Update, Esler, Joel - Contractor RE: [Snort-sigs] Bleedingsnort.com Daily Update, Adrian Marsden Re: [Snort-sigs] Bleedingsnort.com Daily Update, Matt Jonkman Re: [Snort-sigs] Bleedingsnort.com Daily Update, Matt Jonkman [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt <= [Snort-sigs] Bleedingsnort.com Daily Update, matt [Snort-sigs] Bleedingsnort.com Daily Update, matt

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	RE: [Snort-sigs] ARP "Who has (one address)" > "Tell (many different, random IP's)", hchemin
Next by Date:	RE: [Snort-sigs] False positive alert: sid:2570, nnposter
Previous by Thread:	[Snort-sigs] Bleedingsnort.com Daily Update, matt
Next by Thread:	[Snort-sigs] Bleedingsnort.com Daily Update, matt
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

RE: [Snort-sigs] ARP "Who has (one address)" > "Tell (many different, random IP's)", hchemin

Next by Date:

RE: [Snort-sigs] False positive alert: sid:2570, nnposter

Previous by Thread:

[Snort-sigs] Bleedingsnort.com Daily Update, matt

Next by Thread:

[Snort-sigs] Bleedingsnort.com Daily Update, matt

Indexes:

[Date] [Thread] [Top] [All Lists]