[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Fri, 12 Oct 2007 00:00:15 +0000 (UTC)

[***] Results from Oinkmaster started Fri Oct 12 00:00:15 2007 [***]

[+++]          Added rules:          [+++]

 2007632 - BLEEDING-EDGE TROJAN Possible Gozi Trojan Checkin 
(bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2003286 - BLEEDING-EDGE MALWARE SOCKSv5 UDP Proxy Inbound Connect Request 
(Windows Source) (bleeding-malware.rules)
 2003287 - BLEEDING-EDGE MALWARE SOCKSv5 UDP Proxy Inbound Connect Request 
(Linux Source) (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (85):
        2007632 || BLEEDING-EDGE TROJAN Possible Gozi Trojan Checkin || 
url,www.secureworks.com/research/threats/gozi
        2500724 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (725) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500725 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (726) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500726 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (727) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500727 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (728) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500728 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (729) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500729 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (730) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500730 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (731) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500731 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (732) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500732 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (733) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500733 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (734) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500734 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (735) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500735 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (736) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500736 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (737) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500737 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (738) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500738 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (739) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500739 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (740) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500740 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (741) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500741 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (742) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500742 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (743) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500743 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (744) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500744 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (745) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500745 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (746) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500746 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (747) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500747 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (748) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500748 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (749) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500749 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (750) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500750 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (751) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500751 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (752) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500752 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (753) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500753 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (754) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500754 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (755) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500755 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (756) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500756 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (757) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500757 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (758) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500758 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (759) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500759 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (760) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500760 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (761) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500761 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (762) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500762 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (763) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500763 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (764) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500764 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (765) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500765 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (766) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510724 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (725) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510725 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (726) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510726 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (727) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510727 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (728) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510728 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (729) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510729 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (730) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510730 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (731) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510731 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (732) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510732 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (733) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510733 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (734) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510734 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (735) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510735 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (736) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510736 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (737) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510737 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (738) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510738 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (739) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510739 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (740) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510740 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (741) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510741 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (742) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510742 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (743) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510743 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (744) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510744 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (745) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510745 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (746) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510746 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (747) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510747 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (748) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510748 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (749) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510749 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (750) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510750 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (751) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510751 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (752) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510752 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (753) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510753 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (754) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510754 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (755) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510755 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (756) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510756 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (757) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510757 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (758) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510758 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (759) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510759 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (760) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510760 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (761) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510761 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (762) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510762 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (763) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510763 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (764) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510764 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (765) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510765 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (766) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding-virus.rules (1):
        #by Cees Elzinga

