Network Security: Detailed info on [Snort-sigs] Bleedingsnort.com Daily Update

Subject:	[Snort-sigs] Bleedingsnort.com Daily Update
Date:	Sat, 24 Jun 2006 21:00:13 -0400 (EDT)


[***] Results from Oinkmaster started Sat Jun 24 21:00:12 2006 [***]

[+++]          Added rules:          [+++]

 2002984 - BLEEDING-EDGE MALWARE SpySherriff Spyware Activity 
(bleeding-malware.rules)
 2002985 - BLEEDING-EDGE MALWARE SpySherriff Spyware Activity 
(bleeding-malware.rules)
 2002986 - BLEEDING-EDGE POLICY ICQ Install Direct download - Not normal mode 
of install (bleeding-policy.rules)
 2002987 - BLEEDING-EDGE MALWARE Jupitersatellites.biz Spyware Download 
(bleeding-malware.rules)
 2002988 - BLEEDING-EDGE MALWARE Possible Spambot Checking in to Spam 
(bleeding-malware.rules)
 2002989 - BLEEDING-EDGE MALWARE Possible Spambot getting new exe url 
(bleeding-malware.rules)
 2002990 - BLEEDING-EDGE MALWARE Possible Spambot Pulling IP List to Spam 
(bleeding-malware.rules)
 2002991 - BLEEDING-EDGE MALWARE Possible Spambot getting new exe 
(bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2002023 - BLEEDING-EDGE TROJAN IRC USER command (bleeding-virus.rules)
 2002024 - BLEEDING-EDGE TROJAN IRC NICK command (bleeding-virus.rules)
 2002025 - BLEEDING-EDGE TROJAN IRC JOIN command (bleeding-virus.rules)
 2002026 - BLEEDING-EDGE TROJAN IRC PRIVMSG command (bleeding-virus.rules)
 2400000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2400004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound 
(bleeding-drop.rules)
 2401000 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401001 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401002 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401003 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2401004 - BLEEDING-EDGE DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING 
SOURCE (bleeding-drop-BLOCK.rules)
 2402000 - BLEEDING-EDGE DROP Dshield Block Listed Source 
(bleeding-dshield.rules)
 2403000 - BLEEDING-EDGE DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (8):
        2002984 || BLEEDING-EDGE MALWARE SpySherriff Spyware Activity
        2002985 || BLEEDING-EDGE MALWARE SpySherriff Spyware Activity
        2002986 || BLEEDING-EDGE POLICY ICQ Install Direct download - Not 
normal mode of install
        2002987 || BLEEDING-EDGE MALWARE Jupitersatellites.biz Spyware Download
        2002988 || BLEEDING-EDGE MALWARE Possible Spambot Checking in to Spam
        2002989 || BLEEDING-EDGE MALWARE Possible Spambot getting new exe url
        2002990 || BLEEDING-EDGE MALWARE Possible Spambot Pulling IP List to 
Spam
        2002991 || BLEEDING-EDGE MALWARE Possible Spambot getting new exe


Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding <= [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding [Snort-sigs] Bleedingsnort.com Daily Update, bleeding

Previous by Date:	[Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Date:	[Snort-sigs] FPs for COMMUNITY WEB-PHP Particle Wiki PHP SQL Injection attempt, Sig ID, 100000446, Russell Fulton
Previous by Thread:	[Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Next by Thread:	[Snort-sigs] Bleedingsnort.com Daily Update, bleeding
Indexes:	[Date] [Thread] [Top] [All Lists]