Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Thu, 1 Nov 2007 20:00:13 +0000 (UTC) 

[***] Results from Oinkmaster started Thu Nov  1 20:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2007649 - BLEEDING-EDGE MALWARE Spylog.ru Related Spyware Checkin 
(bleeding-malware.rules)
 2007650 - BLEEDING-EDGE CURRENT_EVENTS Mac Trojan HTTP Checkin 
(accept-language violation) (bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (2):
        #from sandnet data
        #by matt jonkman

     -> Added to bleeding-sid-msg.map (30):
        2007649 || BLEEDING-EDGE MALWARE Spylog.ru Related Spyware Checkin
        2007650 || BLEEDING-EDGE CURRENT_EVENTS Mac Trojan HTTP Checkin 
(accept-language violation)
        2500332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (333) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (334) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (335) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (336) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (337) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (338) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (339) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (340) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (341) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (342) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (343) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (344) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (345) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (346) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding.rules (3):
        #needs a better name
        #info from Bojan at ISC and Russell Fulton
        # sig by Russell and Matt Jonkman


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Next by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]