Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Mon, 22 Oct 2007 20:00:20 +0000 (UTC) 

[***] Results from Oinkmaster started Mon Oct 22 20:00:19 2007 [***]

[///]     Modified active rules:     [///]

 2003098 - BLEEDING-EDGE WEB PHP Remote File Inclusion (monster list ftp) 
(bleeding-web.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (96):
        2404015 || BLEEDING-EDGE DROP Known Bot C&C Server Traffic (group 16)  
|| url,www.shadowserver.org
        2405015 || BLEEDING-EDGE DROP Known Bot C&C Traffic (group 16) - 
BLOCKING SOURCE || url,www.shadowserver.org
        2501013 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1014) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501014 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1015) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501015 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1016) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501016 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1017) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501017 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1018) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501018 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1019) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501019 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1020) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501020 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1021) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501021 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1022) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501022 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1023) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501023 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1024) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501024 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1025) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501025 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1026) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501026 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1027) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501027 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1028) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501028 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1029) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501029 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1030) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501030 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1031) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501031 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1032) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501032 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1033) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501033 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1034) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501034 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1035) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501035 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1036) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501036 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1037) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501037 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1038) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501038 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1039) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501039 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1040) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501040 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1041) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501041 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1042) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501042 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1043) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501043 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1044) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501044 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1045) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501045 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1046) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501046 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1047) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501047 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1048) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501048 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1049) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501049 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1050) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501050 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1051) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501051 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1052) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501052 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1053) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501053 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1054) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501054 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1055) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501055 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1056) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501056 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1057) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501057 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1058) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501058 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1059) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2501059 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (1060) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511013 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1014) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511014 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1015) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511015 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1016) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511016 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1017) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511017 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1018) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511018 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1019) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511019 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1020) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511020 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1021) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511021 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1022) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511022 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1023) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511023 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1024) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511024 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1025) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511025 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1026) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511026 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1027) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511027 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1028) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511028 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1029) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511029 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1030) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511030 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1031) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511031 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1032) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511032 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1033) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511033 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1034) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511034 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1035) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511035 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1036) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511036 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1037) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511037 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1038) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511038 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1039) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511039 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1040) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511040 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1041) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511041 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1042) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511042 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1043) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511043 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1044) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511044 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1045) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511045 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1046) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511046 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1047) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511047 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1048) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511048 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1049) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511049 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1050) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511050 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1051) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511051 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1052) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511052 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1053) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511053 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1054) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511054 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1055) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511055 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1056) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511056 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1057) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511057 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1058) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511058 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1059) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2511059 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (1060) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-sigs] New revs? of old sigs causing Snort to die, Nigel Houghton
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Previous by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]