
[Snort-sigs] Bleedingsnort.com Daily Update

Subject: [Snort-sigs] Bleedingsnort.com Daily Update
Date: Fri, 15 Apr 2005 20:00:05 -0500 (EST)

[***] Results from Oinkmaster started Fri Apr 15 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2001850 - BLEEDING-EDGE MALWARE Likely Trojan/Spyware Installer Requested 
(bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2000327 - BLEEDING-EDGE MALWARE Spyware 2020 (bleeding-malware.rules)
 2000366 - BLEEDING-EDGE MALWARE Binet (bleeding-malware.rules)
 2000367 - BLEEDING-EDGE MALWARE Binet (bleeding-malware.rules)
 2000371 - BLEEDING-EDGE MALWARE Binet (bleeding-malware.rules)
 2000574 - BLEEDING-EDGE MALWARE Bargain Buddy (bleeding-malware.rules)
 2000593 - BLEEDING-EDGE MALWARE Binet Ad Retrieval (bleeding-malware.rules)
 2000598 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Data Submission 
(bleeding-malware.rules)
 2000903 - BLEEDING-EDGE MALWARE Avres Agent Receiving Instructions 
(bleeding-malware.rules)
 2000904 - BLEEDING-EDGE MALWARE Amex.Ipsrime.com Unknown Malware Download 
(bleeding-malware.rules)
 2000906 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Start 
(bleeding-malware.rules)
 2000907 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Settings Download 
(bleeding-malware.rules)
 2000930 - BLEEDING-EDGE MALWARE 180solutions Update Engine 
(bleeding-malware.rules)
 2000934 - BLEEDING-EDGE MALWARE 2020search Update Engine 
(bleeding-malware.rules)
 2001031 - BLEEDING-EDGE MALWARE Casino on Net Reporting Data 
(bleeding-malware.rules)
 2001032 - BLEEDING-EDGE MALWARE Casino on Net Ping Hit (bleeding-malware.rules)
 2001033 - BLEEDING-EDGE MALWARE Casino on Net Data Download 
(bleeding-malware.rules)
 2001041 - BLEEDING-EDGE MALWARE Casino on Net Install (bleeding-malware.rules)
 2001051 - BLEEDING-EDGE MALWARE 180solutions Spyware (bleeding-malware.rules)
 2001198 - BLEEDING-EDGE MALWARE Twaintec Download Attempt 
(bleeding-malware.rules)
 2001199 - BLEEDING-EDGE MALWARE Twaintec Ad Retrieval (bleeding-malware.rules)
 2001216 - BLEEDING-EDGE MALWARE Twaintec Reporting Data 
(bleeding-malware.rules)
 2001226 - BLEEDING-EDGE MALWARE Unknown Advertising.com Agent 
(bleeding-malware.rules)
 2001228 - BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post 
(bleeding-malware.rules)
 2001230 - BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post 
(bleeding-malware.rules)
 2001266 - BLEEDING-EDGE MALWARE Browseraid.com Agent Reporting Data 
(bleeding-malware.rules)
 2001295 - BLEEDING-EDGE MALWARE Browseraid.com Agent  (bleeding-malware.rules)
 2001304 - BLEEDING-EDGE MALWARE Browseraid.com Agent Updating 
(bleeding-malware.rules)
 2001318 - BLEEDING-EDGE MALWARE Adwave Agent Access (bleeding-malware.rules)
 2001339 - BLEEDING-EDGE MALWARE BInet Information Upload 
(bleeding-malware.rules)
 2001345 - BLEEDING-EDGE MALWARE Bonziportal Traffic (bleeding-malware.rules)
 2001397 - BLEEDING-EDGE MALWARE 180solutions Spyware (bleeding-malware.rules)
 2001399 - BLEEDING-EDGE MALWARE 180solutions Spyware (bleeding-malware.rules)
 2001400 - BLEEDING-EDGE MALWARE 180solutions Spyware Reporting 
(bleeding-malware.rules)
 2001440 - BLEEDING-EDGE MALWARE Abox Download (bleeding-malware.rules)
 2001441 - BLEEDING-EDGE MALWARE Abox Install Report (bleeding-malware.rules)
 2001447 - BLEEDING-EDGE MALWARE 2nd-thought (W32.Daqa.C) Download 
(bleeding-malware.rules)
 2001450 - BLEEDING-EDGE MALWARE Wintools Download/Configure 
(bleeding-malware.rules)
 2001451 - BLEEDING-EDGE MALWARE Bundleware Spyware Download 
(bleeding-malware.rules)
 2001452 - BLEEDING-EDGE MALWARE Bundleware Spyware CHM Download 
(bleeding-malware.rules)
 2001458 - BLEEDING-EDGE MALWARE Bundleware Spyware cab Download 
(bleeding-malware.rules)
 2001501 - BLEEDING-EDGE MALWARE Clickspring.net Spyware Reporting 
(bleeding-malware.rules)
 2001521 - BLEEDING-EDGE MALWARE Spywaremover Activity (bleeding-malware.rules)
 2001528 - BLEEDING-EDGE MALWARE ak-networks.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001529 - BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware 
(bleeding-malware.rules)
 2001530 - BLEEDING-EDGE MALWARE ak-networks.com Spyware Code Download 
(bleeding-malware.rules)
 2001531 - BLEEDING-EDGE MALWARE C4tdoanload.com Access, Likely Spyware 
(bleeding-malware.rules)
 2001576 - BLEEDING-EDGE MALWARE BInet Information Install Report 
(bleeding-malware.rules)
 2001640 - BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Traffic 
(bleeding-malware.rules)
 2001730 - BLEEDING-EDGE MALWARE A-d-w-a-r-e.com Activity 
(bleeding-malware.rules)
 2001735 - BLEEDING-EDGE MALWARE A-d-w-a-r-e.com Activity 
(bleeding-malware.rules)
 2001737 - BLEEDING-EDGE MALWARE ak-networks.com Spyware Code Install 
(bleeding-malware.rules)
 2001761 - BLEEDING-EDGE MALWARE ABX Toolbar ActiveX Install 
(bleeding-malware.rules)


[///]    Modified inactive rules:    [///]

 2001398 - BLEEDING-EDGE MALWARE Bfast.com Spyware (bleeding-malware.rules)
 2001527 - BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware 
(bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (1):
        #These are for common names of malcode files as seen in common places.

     -> Added to bleeding-sid-msg.map (55):
        2000327 || BLEEDING-EDGE MALWARE Spyware 2020
        2000366 || BLEEDING-EDGE MALWARE Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000367 || BLEEDING-EDGE MALWARE Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000371 || BLEEDING-EDGE MALWARE Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000574 || BLEEDING-EDGE MALWARE Bargain Buddy || 
url,www.doxdesk.com/parasite/BargainBuddy.html
        2000593 || BLEEDING-EDGE MALWARE Binet Ad Retrieval || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000598 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Data 
Submission
        2000903 || BLEEDING-EDGE MALWARE Avres Agent Receiving Instructions || 
url,ar.avres.net/ie/updatenew/ || url,www.avres.net
        2000904 || BLEEDING-EDGE MALWARE Amex.Ipsrime.com Unknown Malware 
Download || url,www.isprime.com || url,amex.isprime.com
        2000906 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Start
        2000907 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Settings 
Download
        2000930 || BLEEDING-EDGE MALWARE 180solutions Update Engine || 
url,www.safer-networking.org/index.php?page=threats&detail=212
        2000934 || BLEEDING-EDGE MALWARE 2020search Update Engine || 
url,www.safer-networking.org/index.php?page=updatehistory&detail=2004-03-04
        2001031 || BLEEDING-EDGE MALWARE Casino on Net Reporting Data || 
url,www.888casino.net
        2001032 || BLEEDING-EDGE MALWARE Casino on Net Ping Hit || 
url,www.888casino.net
        2001033 || BLEEDING-EDGE MALWARE Casino on Net Data Download || 
url,www.888casino.net
        2001041 || BLEEDING-EDGE MALWARE Casino on Net Install || 
url,www.888casino.net
        2001051 || BLEEDING-EDGE MALWARE 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001198 || BLEEDING-EDGE MALWARE Twaintec Download Attempt || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001199 || BLEEDING-EDGE MALWARE Twaintec Ad Retrieval || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001216 || BLEEDING-EDGE MALWARE Twaintec Reporting Data || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001226 || BLEEDING-EDGE MALWARE Unknown Advertising.com Agent
        2001228 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post
        2001230 || BLEEDING-EDGE MALWARE Unknown Advertising.com Data Post
        2001266 || BLEEDING-EDGE MALWARE Browseraid.com Agent Reporting Data || 
url,www.browseraid.com
        2001295 || BLEEDING-EDGE MALWARE Browseraid.com Agent  || 
url,www.browseraid.com
        2001304 || BLEEDING-EDGE MALWARE Browseraid.com Agent Updating || 
url,www.browseraid.com
        2001318 || BLEEDING-EDGE MALWARE Adwave Agent Access
        2001339 || BLEEDING-EDGE MALWARE BInet Information Upload || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2001345 || BLEEDING-EDGE MALWARE Bonziportal Traffic || 
url,www.bonzibuddy.com
        2001397 || BLEEDING-EDGE MALWARE 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001398 || BLEEDING-EDGE MALWARE Bfast.com Spyware || 
url,www.giantcompany.com/antispyware/research/spyware/spyware-BFast.com.aspx
        2001399 || BLEEDING-EDGE MALWARE 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001400 || BLEEDING-EDGE MALWARE 180solutions Spyware Reporting || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001440 || BLEEDING-EDGE MALWARE Abox Download || 
url,www.giantcompany.com/antispyware/research/spyware/spyware-ABox.aspx
        2001441 || BLEEDING-EDGE MALWARE Abox Install Report
        2001447 || BLEEDING-EDGE MALWARE 2nd-thought (W32.Daqa.C) Download
        2001450 || BLEEDING-EDGE MALWARE Wintools Download/Configure
        2001451 || BLEEDING-EDGE MALWARE Bundleware Spyware Download
        2001452 || BLEEDING-EDGE MALWARE Bundleware Spyware CHM Download
        2001458 || BLEEDING-EDGE MALWARE Bundleware Spyware cab Download
        2001501 || BLEEDING-EDGE MALWARE Clickspring.net Spyware Reporting
        2001521 || BLEEDING-EDGE MALWARE Spywaremover Activity
        2001527 || BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware
        2001528 || BLEEDING-EDGE MALWARE ak-networks.com Access, Likely Spyware
        2001529 || BLEEDING-EDGE MALWARE Casalemedia Access, Likely Spyware
        2001530 || BLEEDING-EDGE MALWARE ak-networks.com Spyware Code Download
        2001531 || BLEEDING-EDGE MALWARE C4tdoanload.com Access, Likely Spyware
        2001576 || BLEEDING-EDGE MALWARE BInet Information Install Report || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2001640 || BLEEDING-EDGE MALWARE Altnet PeerPoints Manager Traffic
        2001730 || BLEEDING-EDGE MALWARE A-d-w-a-r-e.com Activity || 
url,www.a-d-w-a-r-e.com
        2001735 || BLEEDING-EDGE MALWARE A-d-w-a-r-e.com Activity || 
url,www.a-d-w-a-r-e.com
        2001737 || BLEEDING-EDGE MALWARE ak-networks.com Spyware Code Install
        2001761 || BLEEDING-EDGE MALWARE ABX Toolbar ActiveX Install || 
url,isc.sans.org/diary.php?date=2005-03-04
        2001850 || BLEEDING-EDGE MALWARE Likely Trojan/Spyware Installer 
Requested

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (54):
        2000327 || BLEEDING-EDGE Malware Spyware 2020
        2000366 || BLEEDING-EDGE Malware Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000367 || BLEEDING-EDGE Malware Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000371 || BLEEDING-EDGE Malware Binet || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000574 || BLEEDING-EDGE Malware Bargain Buddy || 
url,www.doxdesk.com/parasite/BargainBuddy.html
        2000593 || BLEEDING-EDGE Malware Binet Ad Retrieval || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2000598 || BLEEDING-EDGE Malware Altnet PeerPoints Manager Data 
Submission
        2000903 || BLEEDING-EDGE Malware Avres Agent Receiving Instructions || 
url,ar.avres.net/ie/updatenew/ || url,www.avres.net
        2000904 || BLEEDING-EDGE Malware Amex.Ipsrime.com Unknown Malware 
Download || url,www.isprime.com || url,amex.isprime.com
        2000906 || BLEEDING-EDGE Malware Altnet PeerPoints Manager Start
        2000907 || BLEEDING-EDGE Malware Altnet PeerPoints Manager Settings 
Download
        2000930 || BLEEDING-EDGE Malware 180solutions Update Engine || 
url,www.safer-networking.org/index.php?page=threats&detail=212
        2000934 || BLEEDING-EDGE Malware 2020search Update Engine || 
url,www.safer-networking.org/index.php?page=updatehistory&detail=2004-03-04
        2001031 || BLEEDING-EDGE Malware Casino on Net Reporting Data || 
url,www.888casino.net
        2001032 || BLEEDING-EDGE Malware Casino on Net Ping Hit || 
url,www.888casino.net
        2001033 || BLEEDING-EDGE Malware Casino on Net Data Download || 
url,www.888casino.net
        2001041 || BLEEDING-EDGE Malware Casino on Net Install || 
url,www.888casino.net
        2001051 || BLEEDING-EDGE Malware 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001198 || BLEEDING-EDGE Malware Twaintec Download Attempt || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001199 || BLEEDING-EDGE Malware Twaintec Ad Retrieval || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001216 || BLEEDING-EDGE Malware Twaintec Reporting Data || 
url,www.pestpatrol.com/PestInfo/t/twain-tech.asp
        2001226 || BLEEDING-EDGE Malware Unknown Advertising.com Agent
        2001228 || BLEEDING-EDGE Malware Unknown Advertising.com Data Post
        2001230 || BLEEDING-EDGE Malware Unknown Advertising.com Data Post
        2001266 || BLEEDING-EDGE Malware Browseraid.com Agent Reporting Data || 
url,www.browseraid.com
        2001295 || BLEEDING-EDGE Malware Browseraid.com Agent  || 
url,www.browseraid.com
        2001304 || BLEEDING-EDGE Malware Browseraid.com Agent Updating || 
url,www.browseraid.com
        2001318 || BLEEDING-EDGE Malware Adwave Agent Access
        2001339 || BLEEDING-EDGE Malware BInet Information Upload || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2001345 || BLEEDING-EDGE Malware Bonziportal Traffic || 
url,www.bonzibuddy.com
        2001397 || BLEEDING-EDGE Malware 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001398 || BLEEDING-EDGE Malware Bfast.com Spyware || 
url,www.giantcompany.com/antispyware/research/spyware/spyware-BFast.com.aspx
        2001399 || BLEEDING-EDGE Malware 180solutions Spyware || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001400 || BLEEDING-EDGE Malware 180solutions Spyware Reporting || 
url,securityresponse.symantec.com/avcenter/venc/data/pf/adware.180search.html
        2001440 || BLEEDING-EDGE Malware Abox Download || 
url,www.giantcompany.com/antispyware/research/spyware/spyware-ABox.aspx
        2001441 || BLEEDING-EDGE Malware Abox Install Report
        2001447 || BLEEDING-EDGE Malware 2nd-thought (W32.Daqa.C) Download
        2001450 || BLEEDING-EDGE Malware Wintools Download/Configure
        2001451 || BLEEDING-EDGE Malware Bundleware Spyware Download
        2001452 || BLEEDING-EDGE Malware Bundleware Spyware CHM Download
        2001458 || BLEEDING-EDGE Malware Bundleware Spyware cab Download
        2001501 || BLEEDING-EDGE Malware Clickspring.net Spyware Reporting
        2001521 || BLEEDING-EDGE Malware Spywaremover Activity
        2001527 || BLEEDING-EDGE Malware Casalemedia Access, Likely Spyware
        2001528 || BLEEDING-EDGE Malware ak-networks.com Access, Likely Spyware
        2001529 || BLEEDING-EDGE Malware Casalemedia Access, Likely Spyware
        2001530 || BLEEDING-EDGE Malware ak-networks.com Spyware Code Download
        2001531 || BLEEDING-EDGE Malware C4tdoanload.com Access, Likely Spyware
        2001576 || BLEEDING-EDGE Malware BInet Information Install Report || 
url,sarc.com/avcenter/venc/data/pf/adware.binet.html
        2001640 || BLEEDING-EDGE Malware Altnet PeerPoints Manager Traffic
        2001730 || BLEEDING-EDGE Malware A-d-w-a-r-e.com Activity || 
url,www.a-d-w-a-r-e.com
        2001735 || BLEEDING-EDGE Malware A-d-w-a-r-e.com Activity || 
url,www.a-d-w-a-r-e.com
        2001737 || BLEEDING-EDGE Malware ak-networks.com Spyware Code Install
        2001761 || BLEEDING-EDGE Malware ABX Toolbar ActiveX Install || 
url,isc.sans.org/diary.php?date=2005-03-04



_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
