Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleedingsnort.com Daily Update

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleedingsnort.com Daily Update
Date: Fri, 8 Jul 2005 20:00:05 -0500 (EST) 

[***] Results from Oinkmaster started Fri Jul  8 20:00:05 2005 [***]

[///]     Modified active rules:     [///]

 2001197 - BLEEDING-EDGE PHPNuke SQL injection attemp (bleeding-web.rules)
 2001202 - BLEEDING-EDGE PHPNuke general SQL injection attempt 
(bleeding-web.rules)
 2001218 - BLEEDING-EDGE PHPNuke general XSS attemp (bleeding-web.rules)
 2001241 - BLEEDING-EDGE CHAT MSN file transfer request (bleeding-policy.rules)
 2001242 - BLEEDING-EDGE CHAT MSN file transfer accept (bleeding-policy.rules)
 2001243 - BLEEDING-EDGE CHAT MSN file transfer reject (bleeding-policy.rules)
 2001253 - BLEEDING-EDGE CHAT Yahoo IM successful logon (bleeding-policy.rules)
 2001254 - BLEEDING-EDGE CHAT Yahoo IM voicechat (bleeding-policy.rules)
 2001255 - BLEEDING-EDGE CHAT Yahoo IM ping (bleeding-policy.rules)
 2001256 - BLEEDING-EDGE CHAT Yahoo IM conference invitation 
(bleeding-policy.rules)
 2001257 - BLEEDING-EDGE CHAT Yahoo IM conference logon success 
(bleeding-policy.rules)
 2001258 - BLEEDING-EDGE CHAT Yahoo IM conference message 
(bleeding-policy.rules)
 2001259 - BLEEDING-EDGE CHAT Yahoo IM file transfer request 
(bleeding-policy.rules)
 2001261 - BLEEDING-EDGE CHAT Yahoo IM successful chat join 
(bleeding-policy.rules)
 2001262 - BLEEDING-EDGE CHAT Yahoo IM conference offer invitation 
(bleeding-policy.rules)
 2001263 - BLEEDING-EDGE CHAT Yahoo IM conference request 
(bleeding-policy.rules)
 2001329 - BLEEDING-EDGE RDP connection request (bleeding-policy.rules)
 2001330 - BLEEDING-EDGE RDP connection confirm (bleeding-policy.rules)
 2001331 - BLEEDING-EDGE RDP disconnect request (bleeding-policy.rules)
 2001427 - BLEEDING-EDGE CHAT Yahoo IM Unavailable Status 
(bleeding-policy.rules)
 2001762 - BLEEDING-EDGE WEB phpbb Session Cookie (bleeding-web.rules)
 2001836 - BLEEDING-EDGE Web page trying to infect PCs with malware - ISC Diary 
(bleeding.rules)
 2002026 - BLEEDING-EDGE TROJAN IRC PRIVMSG command (bleeding-virus.rules)
 2002029 - BLEEDING-EDGE TROJAN BOT - channel topic scan/exploit command 
(bleeding-virus.rules)
 2002031 - BLEEDING-EDGE TROJAN BOT - potential update/download 
(bleeding-virus.rules)
 2002032 - BLEEDING-EDGE TROJAN BOT - potential DDoS command 
(bleeding-virus.rules)
 2002033 - BLEEDING-EDGE TROJAN BOT - potential response (bleeding-virus.rules)
 2002070 - BLEEDING-EDGE WEB phpBB Remote Code Execution Attempt 
(bleeding-web.rules)


[///]    Modified inactive rules:    [///]

 2001260 - BLEEDING-EDGE CHAT Yahoo IM message (bleeding-policy.rules)
 2001264 - BLEEDING-EDGE CHAT Yahoo IM conference watch (bleeding-policy.rules)
 2002084 - BLEEDING-EDGE POLICY Possible Terrorism Related Content 
(bleeding-policy.rules)
 2002085 - BLEEDING-EDGE POLICY Possible Terrorism Related Email 
(bleeding-policy.rules)


[---]         Removed rules:         [---]

 2001457 - BLEEDING-EDGE Exploit phpBB Highlighting Code Execution Attempt 
(bleeding-web.rules)
 2001557 - BLEEDING-EDGE Exploit phpBB Highlighting SQL Injection 
(bleeding-web.rules)
 2001604 - BLEEDING-EDGE Exploit phpBB Highlighting Code Execution - Santy.A 
Worm (bleeding-web.rules)
 2001605 - BLEEDING-EDGE Exploit phpBB Highlight Exploit Attempt 
(bleeding-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (2):
        2001762 || BLEEDING-EDGE WEB phpbb Session Cookie || 
url,www.waraxe.us/ftopict-555.html
        2002070 || BLEEDING-EDGE WEB phpBB Remote Code Execution Attempt || 
url,www.securiteam.com/unixfocus/6Z00R2ABPY.html || bugtraq,14086 || 
url,secunia.com/advisories/15845/

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (6):
        2001457 || BLEEDING-EDGE Exploit phpBB Highlighting Code Execution 
Attempt || url,www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
        2001557 || BLEEDING-EDGE Exploit phpBB Highlighting SQL Injection || 
url,www.securiteam.com/unixfocus/6Z00R2ABPY.html
        2001604 || BLEEDING-EDGE Exploit phpBB Highlighting Code Execution - 
Santy.A Worm || url,www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
        2001605 || BLEEDING-EDGE Exploit phpBB Highlight Exploit Attempt || 
url,www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
        2001762 || BLEEDING-EDGE WEB phpbb Session Cookie
        2002070 || BLEEDING-EDGE WEB phpBB Remote Code Execution Attempt || 
bugtraq,14086 || url,secunia.com/advisories/15845/

     -> Removed from bleeding-web.rules (2):
        #Submitted by Shirkdog
        #From Dshield



-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA.  To register visit http://www.hp.com/go/dualwebinar
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Sourcefire VRT Certified Rules Update, Matthew Watchinski
Next by Date:  [Snort-sigs] Re: Snort-sigs digest, Vol 1 #1422 - 3 msgs, Nick Plante
Previous by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]