Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleedingsnort.com Daily Update

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleedingsnort.com Daily Update
Date: Tue, 7 Feb 2006 20:00:11 -0500 (EST) 

[***] Results from Oinkmaster started Tue Feb  7 20:00:11 2006 [***]

[+++]          Added rules:          [+++]

 2002185 - BLEEDING-EDGE WORM Possible MS05-039 PnP worm infection 
(bleeding-virus.rules)
 2002190 - BLEEDING-EDGE WORM Possible UPnP Infection - gc.exe download 
(bleeding-virus.rules)
 2002733 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - All Ports - v3 
(bleeding-exploit.rules)
 2002734 - BLEEDING-EDGE CURRENT WMF Exploit (bleeding-exploit.rules)
 2002741 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - version 
3 (bleeding-exploit.rules)
 2002742 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Version 3 
(bleeding-exploit.rules)
 2002743 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - all 
versions (bleeding-exploit.rules)
 2002757 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - version 
1 (bleeding-exploit.rules)
 2002758 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Version 1 
(bleeding-exploit.rules)
 2002759 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - All Ports - v1 
(bleeding-exploit.rules)
 2002799 - BLEEDING-EDGE EXPLOIT MS05-005 Office XP .rtf Remote Code Attempt 
(bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2001591 - BLEEDING-EDGE Virus NetSky.C Worm - outgoing detected 
(bleeding-virus.rules)
 2001603 - BLEEDING-EDGE Virus Netsky.Z Worm - outgoing detected 
(bleeding-virus.rules)
 2001621 - BLEEDING-EDGE Exploit Suspected PHP Injection Attack 
(bleeding-web.rules)
 2001727 - BLEEDING-EDGE EXPLOIT MS05-005 Office XP .doc Remote Code Attempt 
(bleeding-exploit.rules)
 2001810 - BLEEDING-EDGE EXPLOIT WEB PHP remote file include exploit attempt 
(bleeding-web.rules)
 2001954 - BLEEDING-EDGE EXPLOIT Meteor FTP Server Exploit 
(bleeding-exploit.rules)
 2002034 - BLEEDING-EDGE ATTACK RESPONSE Possible /etc/passwd via HTTP 
(bleeding-attack_response.rules)
 2002090 - BLEEDING-EDGE MALWARE IEHelp.net Spyware Installer 
(bleeding-malware.rules)
 2002096 - BLEEDING-EDGE MALWARE IEHelp.net Spyware checkin 
(bleeding-malware.rules)
 2002189 - BLEEDING-EDGE Current Events OSA4.GIF Detected Possible Trojan.Tooso 
Infection (bleeding.rules)
 2002700 - BLEEDING-EDGE WORM Netsky.P (variant 2) - SMTP outgoing 
(bleeding-virus.rules)
 2002788 - BLEEDING-EDGE VIRUS webstats.web.rcn.net count.cgi request without 
referrer (possible BlackWorm/Nyxem infection) (bleeding-virus.rules)
 2002789 - BLEEDING-EDGE VIRUS Agentless HTTP request to www.microsoft.com 
(possible BlackWorm/Nyxem infection) (bleeding-virus.rules)
 2002798 - BLEEDING-EDGE VIRUS Bagle.fj SMTP Outbound (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 
(bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 
(bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 
(bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic -  
(bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic -  BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source 
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)


[///]    Modified inactive rules:    [///]

 2001590 - BLEEDING-EDGE Virus NetSky.C Worm - incoming (bleeding-virus.rules)
 2001602 - BLEEDING-EDGE Virus Netsky.Z Worm - incoming detected 
(bleeding-virus.rules)
 2002698 - BLEEDING-EDGE WORM Netsky.P (variant 2) - SMTP incoming  
(bleeding-virus.rules)
 2002797 - BLEEDING-EDGE VIRUS Bagle.fj SMTP Inbound (bleeding-virus.rules)


[---]         Removed rules:         [---]

 2002185 - BLEEDING-EDGE Possible MS05-039 PnP worm infection (bleeding.rules)
 2002190 - BLEEDING-EDGE Current Events Possible UPnP Infection - gc.exe 
download (bleeding.rules)
 2002717 - BLEEDING-EDGE CURRENT URL request for sites serving Sober control 
activity - Host header only (bleeding.rules)
 2002718 - BLEEDING-EDGE CURRENT URL request for sites serving Sober control 
activity - Suspected URL (bleeding.rules)
 2002733 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - All Ports - v3 
(bleeding.rules)
 2002734 - BLEEDING-EDGE CURRENT WMF Exploit (bleeding.rules)
 2002741 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - version 
3 (bleeding.rules)
 2002742 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Version 3 
(bleeding.rules)
 2002743 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - all 
versions (bleeding.rules)
 2002757 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Web Only - version 
1 (bleeding.rules)
 2002758 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - Version 1 
(bleeding.rules)
 2002759 - BLEEDING-EDGE EXPLOIT WMF Escape Record Exploit - All Ports - v1 
(bleeding.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.252.0.0/16 
(bleeding-drop.rules)
 2400005 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 143.49.0.0/16 
(bleeding-drop.rules)
 2400006 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 146.100.0.0/16 
(bleeding-drop.rules)
 2400007 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 147.111.0.0/16 
(bleeding-drop.rules)
 2400008 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 148.3.0.0/16 
(bleeding-drop.rules)
 2400009 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 152.147.0.0/16 
(bleeding-drop.rules)
 2400010 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 159.2.0.0/16 
(bleeding-drop.rules)
 2400011 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 160.116.0.0/16 
(bleeding-drop.rules)
 2400012 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 163.125.0.0/16 
(bleeding-drop.rules)
 2400013 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.175.0.0/16 
(bleeding-drop.rules)
 2400014 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.97.0.0/16 
(bleeding-drop.rules)
 2400015 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 170.67.0.0/16 
(bleeding-drop.rules)
 2400016 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.160.44.0/24 
(bleeding-drop.rules)
 2400017 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.67.16.0/24 
(bleeding-drop.rules)
 2400018 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.110.136.0/24 
(bleeding-drop.rules)
 2400019 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.238.120.0/22 
(bleeding-drop.rules)
 2400020 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.206.120.0/22 
(bleeding-drop.rules)
 2400021 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.214.236.0/22 
(bleeding-drop.rules)
 2400022 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 196.4.167.0/24 
(bleeding-drop.rules)
 2400023 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.151.152.0/22 
(bleeding-drop.rules)
 2400024 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.186.16.0/20 
(bleeding-drop.rules)
 2400025 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.204.0.0/21 
(bleeding-drop.rules)
 2400026 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.120.163.0/24 
(bleeding-drop.rules)
 2400027 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.166.200.0/22 
(bleeding-drop.rules)
 2400028 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.151.0/24 
(bleeding-drop.rules)
 2400029 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.152.0/24 
(bleeding-drop.rules)
 2400030 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 
(bleeding-drop.rules)
 2400031 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.248.213.0/24 
(bleeding-drop.rules)
 2400032 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.60.102.0/24 
(bleeding-drop.rules)
 2400033 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.160.0/20 
(bleeding-drop.rules)
 2400034 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.176.0/20 
(bleeding-drop.rules)
 2400035 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.124.64.0/19 
(bleeding-drop.rules)
 2400036 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 202.14.69.0/24 
(bleeding-drop.rules)
 2400037 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.19.101.0/24 
(bleeding-drop.rules)
 2400038 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.29.222.0/24 
(bleeding-drop.rules)
 2400039 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.31.88.0/23 
(bleeding-drop.rules)
 2400040 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.33.120.0/24 
(bleeding-drop.rules)
 2400041 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.192.0/23 
(bleeding-drop.rules)
 2400042 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.204.0/24 
(bleeding-drop.rules)
 2400043 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.205.0/24 
(bleeding-drop.rules)
 2400044 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.70.0/24 
(bleeding-drop.rules)
 2400045 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.71.0/24 
(bleeding-drop.rules)
 2400046 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.141.0/24 
(bleeding-drop.rules)
 2400047 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.142.0/24 
(bleeding-drop.rules)
 2400048 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.55.153.0/24 
(bleeding-drop.rules)
 2400049 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.11.72.0/21 
(bleeding-drop.rules)
 2400050 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.13.16.0/21 
(bleeding-drop.rules)
 2400051 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.0.0/21 
(bleeding-drop.rules)
 2400052 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.24.0/21 
(bleeding-drop.rules)
 2400053 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.52.255.0/24 
(bleeding-drop.rules)
 2400054 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.62.213.0/24 
(bleeding-drop.rules)
 2400055 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.156.0/23 
(bleeding-drop.rules)
 2400056 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.224.0/24 
(bleeding-drop.rules)
 2400057 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.9.240.0/21 
(bleeding-drop.rules)
 2400058 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.159.34.0/24 
(bleeding-drop.rules)
 2400059 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.172.188.0/22 
(bleeding-drop.rules)
 2400060 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 
(bleeding-drop.rules)
 2400061 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.235.64.0/20 
(bleeding-drop.rules)
 2400062 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.236.189.0/24 
(bleeding-drop.rules)
 2400063 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.134.0/24 
(bleeding-drop.rules)
 2400064 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.175.0/24 
(bleeding-drop.rules)
 2400065 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.176.0/24 
(bleeding-drop.rules)
 2400066 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.177.0/24 
(bleeding-drop.rules)
 2400067 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.28.0/24 
(bleeding-drop.rules)
 2400068 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.29.0/24 
(bleeding-drop.rules)
 2400069 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.99.0/24 
(bleeding-drop.rules)
 2400070 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.81.80.0/20 
(bleeding-drop.rules)
 2400071 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.115.112.0/20 
(bleeding-drop.rules)
 2400072 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.182.128.0/19 
(bleeding-drop.rules)
 2400073 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.191.160.0/20 
(bleeding-drop.rules)
 2400074 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.165.224.0/20 
(bleeding-drop.rules)
 2400075 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.190.8.0/21 
(bleeding-drop.rules)
 2400076 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.197.192.0/19 
(bleeding-drop.rules)
 2400077 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 213.135.80.0/23 
(bleeding-drop.rules)
 2400078 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.108.224.0/20 
(bleeding-drop.rules)
 2400079 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.130.192.0/19 
(bleeding-drop.rules)
 2400080 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.211.144.0/20 
(bleeding-drop.rules)
 2400081 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.7.128.0/20 
(bleeding-drop.rules)
 2400082 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 217.69.112.0/20 
(bleeding-drop.rules)
 2400083 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.182.128.0/20 
(bleeding-drop.rules)
 2400084 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.255.32.0/20 
(bleeding-drop.rules)
 2400085 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.102.32.0/20 
(bleeding-drop.rules)
 2400086 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.181.160.0/19 
(bleeding-drop.rules)
 2400087 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.235.128.0/20 
(bleeding-drop.rules)
 2400088 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.55.160.0/19 
(bleeding-drop.rules)
 2400089 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.63.160.0/19 
(bleeding-drop.rules)
 2400090 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 
(bleeding-drop.rules)
 2400091 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 67.43.48.0/20 
(bleeding-drop.rules)
 2400092 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.10.0.0/20 
(bleeding-drop.rules)
 2400093 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.36.192.0/20 
(bleeding-drop.rules)
 2400094 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.42.96.0/19 
(bleeding-drop.rules)
 2400095 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.67.64.0/20 
(bleeding-drop.rules)
 2400096 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.8.176.0/20 
(bleeding-drop.rules)
 2400097 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.11.128.0/19 
(bleeding-drop.rules)
 2400098 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.128.0/20 
(bleeding-drop.rules)
 2400099 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.64.0/20 
(bleeding-drop.rules)
 2400100 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.26.192.0/19 
(bleeding-drop.rules)
 2400101 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.34.160.0/20 
(bleeding-drop.rules)
 2400102 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.71.64.0/19 
(bleeding-drop.rules)
 2400103 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.93.176.0/20 
(bleeding-drop.rules)
 2400104 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.224.0/19 
(bleeding-drop.rules)
 2400105 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.240.0/22 
(bleeding-drop.rules)
 2400106 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 85.249.16.0/20 
(bleeding-drop.rules)
 2400107 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 
(bleeding-drop.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 138.252.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401005 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 143.49.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401006 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 146.100.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401007 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 147.111.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401008 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 148.3.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401009 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 152.147.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401010 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 159.2.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401011 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 160.116.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401012 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 163.125.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401013 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.175.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401014 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 167.97.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401015 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 170.67.0.0/16 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401016 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.160.44.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401017 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 192.67.16.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401018 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.110.136.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401019 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 193.238.120.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401020 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.206.120.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401021 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 195.214.236.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401022 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 196.4.167.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401023 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.151.152.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401024 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.186.16.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401025 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 198.204.0.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401026 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.120.163.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401027 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.166.200.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401028 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.151.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401029 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.201.152.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401030 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.245.138.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401031 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.248.213.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401032 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 199.60.102.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401033 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.160.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401034 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.108.176.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401035 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 200.124.64.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401036 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 202.14.69.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401037 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.19.101.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401038 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.29.222.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401039 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.31.88.0/23 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401040 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.33.120.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401041 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.192.0/23 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401042 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.204.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401043 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.205.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401044 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.70.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401045 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.34.71.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401046 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.141.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401047 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.4.142.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401048 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 203.55.153.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401049 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.11.72.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401050 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.13.16.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401051 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.0.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401052 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.14.24.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401053 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.52.255.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401054 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.62.213.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401055 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.156.0/23 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401056 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.89.224.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401057 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 204.9.240.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401058 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.159.34.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401059 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.172.188.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401060 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.210.137.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401061 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.235.64.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401062 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 205.236.189.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401063 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.134.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401064 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.175.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401065 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.176.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401066 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.177.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401067 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.28.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401068 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.29.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401069 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.197.99.0/24 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401070 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 206.81.80.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401071 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.115.112.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401072 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.182.128.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401073 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 207.191.160.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401074 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.165.224.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401075 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.190.8.0/21 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401076 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 209.197.192.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401077 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 213.135.80.0/23 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401078 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.108.224.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401079 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.130.192.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401080 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.211.144.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401081 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 216.7.128.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401082 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 217.69.112.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401083 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.182.128.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401084 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 65.255.32.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401085 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.102.32.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401086 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.181.160.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401087 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.235.128.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401088 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.55.160.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401089 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.63.160.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401090 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 66.64.96.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401091 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 67.43.48.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401092 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.10.0.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401093 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.36.192.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401094 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.42.96.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401095 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.67.64.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401096 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 69.8.176.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401097 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.11.128.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401098 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.128.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401099 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.21.64.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401100 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.26.192.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401101 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 72.34.160.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401102 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.71.64.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401103 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 80.93.176.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401104 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.224.0/19 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401105 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 83.223.240.0/22 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401106 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 85.249.16.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2401107 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic - 86.111.128.0/20 
BLOCKING SOURCE (bleeding-drop-BLOCK.rules)
 2402001 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 203.199.72.0/24 
(bleeding-dshield.rules)
 2402002 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.149.192.0/24 
(bleeding-dshield.rules)
 2402003 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.176.249.0/24 
(bleeding-dshield.rules)
 2402004 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 66.111.255.0/24 
(bleeding-dshield.rules)
 2402005 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.96.0/24 
(bleeding-dshield.rules)
 2402006 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.78.0/24 
(bleeding-dshield.rules)
 2402007 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.230.159.0/24 
(bleeding-dshield.rules)
 2402008 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 198.162.17.0/24 
(bleeding-dshield.rules)
 2402009 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.82.229.0/24 
(bleeding-dshield.rules)
 2402010 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 220.163.11.0/24 
(bleeding-dshield.rules)
 2402011 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.174.117.0/24 
(bleeding-dshield.rules)
 2402012 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.161.0/24 
(bleeding-dshield.rules)
 2402013 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.130.254.0/24 
(bleeding-dshield.rules)
 2402014 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.136.152.0/24 
(bleeding-dshield.rules)
 2402015 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 216.132.26.0/24 
(bleeding-dshield.rules)
 2402016 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.97.181.0/24 
(bleeding-dshield.rules)
 2402017 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 60.46.170.0/24 
(bleeding-dshield.rules)
 2402018 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 218.31.79.0/24 
(bleeding-dshield.rules)
 2402019 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.142.73.0/24 
(bleeding-dshield.rules)
 2403001 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 203.199.72.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403002 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.149.192.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403003 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.176.249.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403004 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 66.111.255.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403005 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.96.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403006 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.146.78.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403007 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 219.230.159.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403008 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 198.162.17.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403009 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.82.229.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403010 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 220.163.11.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403011 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 222.174.117.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403012 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.128.161.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403013 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.130.254.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403014 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.136.152.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403015 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 216.132.26.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403016 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 202.97.181.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403017 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 60.46.170.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403018 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 218.31.79.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)
 2403019 - BLEEDING-EDGE DROP Dshield Block Listed Source IP - 61.142.73.0/24 
BLOCKING (bleeding-dshield-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-exploit.rules (9):
        #by mmlange
        # By Frank Knobbe, 2005-12-28. Additional work with Blake Harstein and 
Brandon Franklin.
        # flow_depth (of http_inspect_server) has to be set to 0. Recommend 
second Snort instance with that config.
        # Note that these rules will fail to detect the exploit when the HTTP 
response is gzipped.
        # There is also a possibility for evasion, but a version that catches 
it will incurr massive amount of FPs.
        # Choose between the All-Ports rules or the Web-Only rules. (All web 
rules have to be enabled)
        # All ports
        # Web Only
        # Thes rules have to be there for both

     -> Added to bleeding-sid-msg.map (4):
        2001727 || BLEEDING-EDGE EXPLOIT MS05-005 Office XP .doc Remote Code 
Attempt || url,www.frsirt.com/english/advisories/2005/0119
        2002185 || BLEEDING-EDGE WORM Possible MS05-039 PnP worm infection || 
url,isc.sans.org/diary.php?date=2005-08-14
        2002190 || BLEEDING-EDGE WORM Possible UPnP Infection - gc.exe download
        2002799 || BLEEDING-EDGE EXPLOIT MS05-005 Office XP .rtf Remote Code 
Attempt || url,www.frsirt.com/english/advisories/2005/0119

     -> Added to bleeding-virus.rules (2):
        # Created 2005/08/14 by Frank Knobbe in response to first information 
posted on ISC
        #matt Jonkman, from full-disclosure post. Unknown variant of upnp worm

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (5):
        2001727 || BLEEDING-EDGE EXPLOIT MS05-005 Office XP Remote Code Attempt
        2002185 || BLEEDING-EDGE Possible MS05-039 PnP worm infection || 
url,isc.sans.org/diary.php?date=2005-08-14
        2002190 || BLEEDING-EDGE Current Events Possible UPnP Infection - 
gc.exe download
        2002717 || BLEEDING-EDGE CURRENT URL request for sites serving Sober 
control activity - Host header only || url,www.lurhq.com/soberdates.html || 
url,www.f-secure.com/weblog/archives/archive-122005.html#00000729
        2002718 || BLEEDING-EDGE CURRENT URL request for sites serving Sober 
control activity - Suspected URL || url,www.lurhq.com/soberdates.html || 
url,www.f-secure.com/weblog/archives/archive-122005.html#00000729

     -> Removed from bleeding.rules (11):
        # Created 2005/08/14 by Frank Knobbe in response to first information 
posted on ISC
        #matt Jonkman, from full-disclosure post. Unknown variant of upnp worm
        #by mmlange
        # By Frank Knobbe, 2005-12-28. Additional work with Blake Harstein and 
Brandon Franklin.
        # flow_depth (of http_inspect_server) has to be set to 0. Recommend 
second Snort instance with that config.
        # Note that these rules will fail to detect the exploit when the HTTP 
response is gzipped.
        # There is also a possibility for evasion, but a version that catches 
it will incurr massive amount of FPs.
        # Choose between the All-Ports rules or the Web-Only rules. (All web 
rules have to be enabled)
        # All ports
        # Web Only
        # Thes rules have to be there for both



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:  [Snort-sigs] WEB-CLIENT HTML DOM invalid element creation attempt,Sig ID,3549, Russell Fulton
Previous by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Thread:  [Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]