Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleedingsnort.com Daily Update

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleedingsnort.com Daily Update
Date: Thu, 17 Mar 2005 20:00:05 -0500 (EST) 

[***] Results from Oinkmaster started Thu Mar 17 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2001795 - BLEEDING-EDGE DOS Excessive SMTP MAIL-FROM DDoS (bleeding-dos.rules)


[///]     Modified active rules:     [///]

 2000496 - BLEEDING-EDGE DOS Microsoft SMS dos attempt (bleeding-dos.rules)
 2000587 - BLEEDING-EDGE Malware SpywareLabs VirtualBouncer Seeking 
Instructions (bleeding-malware.rules)
 2000588 - BLEEDING-EDGE Malware TopMoxie Reporting Data to External Host 
(bleeding-malware.rules)
 2000596 - BLEEDING-EDGE Malware Gator/Claria Data Submission 
(bleeding-malware.rules)
 2001021 - BLEEDING-EDGE Suspicious Encrypted Webpage Content 
(bleeding-web.rules)
 2001049 - BLEEDING-EDGE Buffer Overflow Exploit in Adobe Acrobat Reader 
(bleeding-exploit.rules)
 2001060 - BLEEDING-EDGE P2P Ares GET (bleeding-p2p.rules)
 2001076 - BLEEDING-EDGE WEB-MISC cross site scripting attempt TYPE + 
JAVASCRIPT (bleeding-web.rules)
 2001077 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + 
JAVASCRIPT (bleeding-web.rules)
 2001078 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + JSCRIPT 
(bleeding-web.rules)
 2001079 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + VBSCRIPT 
(bleeding-web.rules)
 2001080 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + VBSCRIPT 
(bleeding-web.rules)
 2001081 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + 
ECMACRIPT (bleeding-web.rules)
 2001082 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + 
EXPRESSION (bleeding-web.rules)
 2001083 - BLEEDING-EDGE WEB-MISC cross site scripting attempt STYLE + 
EXPRESSION (bleeding-web.rules)
 2001085 - BLEEDING-EDGE WEB-MISC cross site scripting attempt executing hidden 
Javascript (bleeding-web.rules)
 2001086 - BLEEDING-EDGE WEB-MISC cross site scripting attempt executing hidden 
Javascript (bleeding-web.rules)
 2001087 - BLEEDING-EDGE WEB-MISC cross site scripting attempt to execute 
Javascript code (bleeding-web.rules)
 2001088 - BLEEDING-EDGE WEB-MISC cross site scripting attempt to execute 
VBScript code (bleeding-web.rules)
 2001089 - BLEEDING-EDGE WEB-MISC cross site scripting attempt to access 
SHELL\: (bleeding-web.rules)
 2001094 - BLEEDING-EDGE Internet Explorer URL parsing vulnerability 
(bleeding-exploit.rules)
 2001099 - BLEEDING-EDGE Attempt to execute VBScript code 
(bleeding-exploit.rules)
 2001105 - BLEEDING-EDGE Javascript execution with expression eval 
(bleeding-exploit.rules)
 2001106 - BLEEDING-EDGE Javascript execution with expression eval hex 
(bleeding-exploit.rules)
 2001205 - BLEEDING-EDGE Internet Explorer Memory Corruption Bug 
(bleeding-dos.rules)
 2001206 - BLEEDING-EDGE Mozilla Firefox Certificate Spoofing 
(bleeding-exploit.rules)
 2001207 - BLEEDING-EDGE Mozilla Cookie theft (bleeding-exploit.rules)
 2001215 - BLEEDING-EDGE FTP Serv-U Server Long Filename Stack Overflow 
Vulnerability (bleeding-exploit.rules)
 2001370 - BLEEDING-EDGE IRC Trojan Reporting (Exploit) (bleeding-virus.rules)
 2001371 - BLEEDING-EDGE IRC Trojan Reporting (lsass) (bleeding-virus.rules)
 2001372 - BLEEDING-EDGE IRC Trojan Reporting (Scan) (bleeding-virus.rules)
 2001373 - BLEEDING-EDGE IRC Trojan Reporting (zombie) (bleeding-virus.rules)
 2001437 - BLEEDING-EDGE WORM Potential MyDoom.AI Email Inbound 
(bleeding-virus.rules)
 2001438 - BLEEDING-EDGE WORM Potential MyDoom.AI Email Outbound 
(bleeding-virus.rules)
 2001528 - BLEEDING-EDGE Malware ak-networks.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001529 - BLEEDING-EDGE Malware Casalemedia Access, Likely Spyware 
(bleeding-malware.rules)
 2001530 - BLEEDING-EDGE Malware ak-networks.com Spyware Code Download 
(bleeding-malware.rules)
 2001531 - BLEEDING-EDGE Malware C4tdoanload.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001532 - BLEEDING-EDGE Malware Searchmiracle.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001537 - BLEEDING-EDGE Malware Spyspotter.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001539 - BLEEDING-EDGE Malware Spyspotter.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001541 - BLEEDING-EDGE Malware Xpire.info Install Report 
(bleeding-malware.rules)
 2001556 - BLEEDING-EDGE Virus W32/Bagle.z@MM Requesting 5.php 
(bleeding-virus.rules)
 2001616 - BLEEDING-EDGE Attack Response Zone-H.org defacement notification 
(bleeding-attack_response.rules)
 2001633 - BLEEDING-EDGE Exploit Probable MSIE XPSP2 Remote Compromise 
(bleeding-exploit.rules)
 2001638 - BLEEDING-EDGE VIRUS W32/Bagle.dldr Trojan - download attempt 
(bleeding-virus.rules)
 2001695 - BLEEDING-EDGE Virus Bagle.BJ [alias .AY, .BC] - download attempt 
(bleeding-virus.rules)
 2001737 - BLEEDING-EDGE Malware ak-networks.com Spyware Code Install 
(bleeding-malware.rules)
 2001752 - BLEEDING-EDGE Virus Bagle.BE Download attempt (bleeding-virus.rules)
 2001784 - BLEEDING-EDGE EXPLOIT AWStats (awstats_shell) Remote Code Execution 
(bleeding-exploit.rules)
 2001785 - BLEEDING-EDGE EXPLOIT PHP (allow_url_fopen) File Injection Bug 
Feature (bleeding-exploit.rules)
 2001787 - BLEEDING-EDGE TROJAN IRC Bot scan/exploit command 
(bleeding-virus.rules)
 2001788 - BLEEDING-EDGE TROJAN IRC Bot DDoS command (bleeding-virus.rules)
 2001789 - BLEEDING-EDGE TROJAN Suspicious IRC Bot response 
(bleeding-virus.rules)
 2001793 - BLEEDING-EDGE MALWARE Incredisearch.com Spyware Ping 
(bleeding-malware.rules)
 2001794 - BLEEDING-EDGE MALWARE Incredisearch.com Spyware Activity 
(bleeding-malware.rules)


[///]    Modified inactive rules:    [///]

 2001061 - BLEEDING-EDGE VIRUS Bagle Variant Requesting 2.jpg 
(bleeding-virus.rules)
 2001098 - BLEEDING-EDGE Attempt to execute Javascript code 
(bleeding-custom.rules)
 2001100 - BLEEDING-EDGE Attempt to access SHELL\: (bleeding-custom.rules)
 2001180 - BLEEDING-EDGE Internet Explorer Object Type Property Overflow 
(bleeding-custom.rules)
 2001208 - BLEEDING-EDGE Reading Local Files in Netscape 6 and Mozilla 
(bleeding-exploit.rules)
 2001527 - BLEEDING-EDGE Malware Casalemedia Access, Likely Spyware 
(bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-dos.rules (1):
        #Erik Fichtner

     -> Added to bleeding-sid-msg.map (1):
        2001795 || BLEEDING-EDGE DOS Excessive SMTP MAIL-FROM DDoS



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:  [Snort-sigs] Cobalt raq qpopper authentication failure, Chas Tomlin
Previous by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]