[***] Results from Oinkmaster started Fri Nov 11 20:00:08 2005 [***]
[///] Modified active rules: [///]
2002384 - BLEEDING-EDGE TROJAN BOT - potential misc bot commands
(bleeding-virus.rules)
2002408 - BLEEDING-EDGE WEB phpMyAdmin Suspicious Activity (bleeding-web.rules)
2002409 - BLEEDING-EDGE WEB phpMyAdmin Local File Inclusion (2.6.4-pl1)
(bleeding-web.rules)
2002660 - BLEEDING-EDGE WEB RSA Web Auth Exploit Attempt - Long URL
(bleeding-web.rules)
2002666 - BLEEDING-EDGE VIRUS Bagle.dk SMTP Outbound (bleeding-virus.rules)
2002670 - BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to Malicious
DNS Server (tcp) (bleeding.rules)
2002672 - BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to Malicious
DNS Server (udp) (bleeding.rules)
[///] Modified inactive rules: [///]
2002665 - BLEEDING-EDGE VIRUS Bagle.dk SMTP Inbound (bleeding-virus.rules)
[+++] Added non-rule lines: [+++]
-> Added to bleeding-sid-msg.map (2):
2002670 || BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to
Malicious DNS Server (tcp) || url,isc.sans.org/diary.php?storyid=819
2002672 || BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to
Malicious DNS Server (udp) || url,isc.sans.org/diary.php?storyid=819
[---] Removed non-rule lines: [---]
-> Removed from bleeding-sid-msg.map (2):
2002670 || BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to
Malicious DNS Server || url,isc.sans.org/diary.php?storyid=819
2002672 || BLEEDING-EDGE CURRENT EVENTS Malware Altered Host - DNS to
Malicious DNS Server || url,isc.sans.org/diary.php?storyid=819
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
