Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Thu, 8 Nov 2007 20:00:13 +0000 (UTC) 

[***] Results from Oinkmaster started Thu Nov  8 20:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2007670 - BLEEDING-EDGE POLICY Likely Binary in HTTP by Type Flowbit 
(bleeding-policy.rules)
 2007671 - BLEEDING-EDGE POLICY Binary Download Smaller than 1 MB -- Likely 
Hostile (bleeding-policy.rules)


[+++]  Enabled and modified rules:   [+++]

 2000419 - BLEEDING-EDGE PE EXE or DLL Windows file download 
(bleeding-policy.rules)
 2000427 - BLEEDING-EDGE PE EXE Install Windows file download 
(bleeding-policy.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-policy.rules (6):
        #Idea by Martin Holste, sigs by Matt Jonkman
        # The idea here is that most legitimate exe downloads are more than 
1meg, most malicious are far less than 1 meg.
        # This is evadable of course, and doesn't work with non-compliant web 
servers, but this will catch many...
        #First we qualify this as a packet containing the header return info 
from the get request and is likely binary content
        #next we check that the content-length is less than 7 digits, thus 
under 1,000,000 bytes.
        # note: I re-check for the leading HTTP/1 to make sure we're still in 
the header packet, not in the rest of the binary stream

     -> Added to bleeding-sid-msg.map (122):
        2007670 || BLEEDING-EDGE POLICY Likely Binary in HTTP by Type Flowbit
        2007671 || BLEEDING-EDGE POLICY Binary Download Smaller than 1 MB -- 
Likely Hostile
        2500329 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (330) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500330 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (331) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500331 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (332) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500346 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (347) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500347 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (348) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500348 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (349) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500349 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (350) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500350 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (351) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500351 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (352) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500352 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (353) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500353 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (354) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500354 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (355) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500355 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (356) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500356 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (357) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500357 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (358) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500358 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (359) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500359 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (360) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500360 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (361) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500361 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (362) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500362 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (363) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500363 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (364) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500364 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (365) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500365 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (366) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500366 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (367) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500367 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (368) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500368 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (369) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500369 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (370) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500370 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (371) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500371 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (372) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500372 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (373) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500373 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (374) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500374 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (375) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500375 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (376) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500376 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (377) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500377 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (378) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500378 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (379) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500379 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (380) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500380 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (381) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500381 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (382) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500382 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (383) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500383 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (384) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500384 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (385) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500385 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (386) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500386 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (387) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500387 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (388) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500388 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (389) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510329 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (330) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510330 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (331) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510331 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (332) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (333) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (334) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (335) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (336) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (337) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (338) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (339) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (340) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (341) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (342) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (343) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (344) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (345) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (346) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510346 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (347) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510347 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (348) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510348 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (349) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510349 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (350) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510350 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (351) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510351 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (352) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510352 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (353) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510353 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (354) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510354 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (355) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510355 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (356) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510356 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (357) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510357 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (358) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510358 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (359) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510359 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (360) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510360 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (361) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510361 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (362) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510362 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (363) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510363 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (364) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510364 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (365) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510365 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (366) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510366 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (367) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510367 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (368) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510368 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (369) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510369 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (370) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510370 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (371) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510371 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (372) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510372 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (373) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510373 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (374) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510374 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (375) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510375 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (376) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510376 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (377) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510377 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (378) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510378 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (379) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510379 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (380) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510380 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (381) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510381 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (382) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510382 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (383) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510383 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (384) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510384 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (385) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510385 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (386) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510386 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (387) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510387 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (388) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510388 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (389) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Crusoe Researches offers first rule for subscription to CRrules !, rmkml
Next by Date:  Re: [Snort-sigs] Crusoe Researches offers first rule for subscription to CRrules !, Matthew Watchinski
Previous by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]