Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Snort-sigs] Bleeding Edge Threats Daily Signature Changes

from [bleeding] Network Security [Permanent Link]
Subject: [Snort-sigs] Bleeding Edge Threats Daily Signature Changes
Date: Tue, 13 Nov 2007 20:00:11 +0000 (UTC) 

[***] Results from Oinkmaster started Tue Nov 13 20:00:11 2007 [***]

[+++]          Added rules:          [+++]

 2007692 - BLEEDING-EDGE TROJAN Basine Trojan Checkin (bleeding-virus.rules)
 2007693 - BLEEDING-EDGE MALWARE Zredirector.com Related Spyware User Agent 
(BndDriveLoader) (bleeding-malware.rules)
 2007694 - BLEEDING-EDGE MALWARE Popads123.com Related Spyware User Agent 
(LmaokaazLdr) (bleeding-malware.rules)
 2007695 - BLEEDING-EDGE POLICY Windows 98 User-Agent Detected - Possible 
Malware or Non-Updated System (bleeding-policy.rules)
 2007696 - BLEEDING-EDGE MALWARE Softwarereferral.com Adware Checkin 
(bleeding-malware.rules)
 2406006 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains 
(3) (bleeding-rbn.rules)
 2406007 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains 
(4) (bleeding-rbn.rules)
 2407006 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - 
BLOCKING (3) (bleeding-rbn-BLOCK.rules)
 2407007 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - 
BLOCKING (4) (bleeding-rbn-BLOCK.rules)


[///]     Modified active rules:     [///]

 2007603 - BLEEDING-EDGE TROJAN Proxy.Win32.Wopla.ag Check-In 
(bleeding-virus.rules)
 2007604 - BLEEDING-EDGE TROJAN Proxy.Win32.Wopla.ag Server Reply 
(bleeding-virus.rules)
 2406003 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Known 
Trojan C&Cs (bleeding-rbn.rules)
 2406004 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains 
(1) (bleeding-rbn.rules)
 2406005 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains 
(2) (bleeding-rbn.rules)
 2407000 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Hosting 
Nets - BLOCKING (bleeding-rbn-BLOCK.rules)
 2407001 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Individual Hosts - BLOCKING (bleeding-rbn-BLOCK.rules)
 2407002 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Chinese 
Nets - BLOCKING (bleeding-rbn-BLOCK.rules)
 2407003 - BLEEDING-EDGE RBN Known Russian Business Network Traffic - Known 
Trojan C&Cs - BLOCKING (bleeding-rbn-BLOCK.rules)
 2407004 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - 
BLOCKING (1) (bleeding-rbn-BLOCK.rules)
 2407005 - BLEEDING-EDGE RBN Known Russian Business Network Monitored Domains - 
BLOCKING (2) (bleeding-rbn-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (1):
        #by matt Jonkman, from the sandnet

     -> Added to bleeding-policy.rules (4):
        #this sig is to catch HTTP User agents that specify Windows 98 as the 
platform
        # Mostly to catch spyware and auto-downloaders that still use these as 
fake User Agent strings
        # You may also use this to catch any local win98 machines if they're no 
longer supposed to be in production
        #  (which for goodness sake they shouldn't!! Haven't been patched for 
years!)

     -> Added to bleeding-rbn-BLOCK.rules (3):
        #Anserin/Torpig/Sinowal hosts
        #  VERSION 8
        #  Updated 2007-11-12 23:25:12

     -> Added to bleeding-rbn.rules (3):
        #Anserin/Torpig/Sinowal hosts
        #  VERSION 8
        #  Updated 2007-11-12 23:25:12

     -> Added to bleeding-sid-msg.map (164):
        2007692 || BLEEDING-EDGE TROJAN Basine Trojan Checkin
        2007693 || BLEEDING-EDGE MALWARE Zredirector.com Related Spyware User 
Agent (BndDriveLoader)
        2007694 || BLEEDING-EDGE MALWARE Popads123.com Related Spyware User 
Agent (LmaokaazLdr)
        2007695 || BLEEDING-EDGE POLICY Windows 98 User-Agent Detected - 
Possible Malware or Non-Updated System || 
url.doc.bleedingthreats.net/bin/view/Main/Windows98UA
        2007696 || BLEEDING-EDGE MALWARE Softwarereferral.com Adware Checkin
        2406003 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Known Trojan C&Cs || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406004 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (1) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406005 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (2) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406006 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (3) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406007 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (4) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407000 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Hosting Nets - BLOCKING || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407001 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Individual Hosts - BLOCKING || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407002 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Chinese Nets - BLOCKING || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407003 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Known Trojan C&Cs - BLOCKING || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407004 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (1) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407005 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (2) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407006 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (3) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407007 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (4) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2500096 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (97) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500097 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (98) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500098 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (99) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500099 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (100) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500100 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (101) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500101 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (102) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500102 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (103) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500103 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (104) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500104 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (105) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500105 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (106) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500106 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (107) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500107 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (108) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500108 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (109) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500109 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (110) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500110 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (111) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500111 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (112) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500112 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (113) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500113 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (114) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500114 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (115) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500115 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (116) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500116 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (117) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500117 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (118) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500118 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (119) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500119 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (120) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500120 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (121) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500121 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (122) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500122 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (123) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500123 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (124) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500124 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (125) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500125 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (126) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500126 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (127) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500127 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (128) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500128 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (129) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500129 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (130) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500130 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (131) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500131 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (132) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500132 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (133) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500133 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (134) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500134 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (135) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500135 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (136) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500136 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (137) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500137 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (138) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500138 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (139) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500139 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (140) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500140 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (141) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500141 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (142) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500142 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (143) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500143 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (144) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500144 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (145) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500145 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (146) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500146 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (147) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500147 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (148) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500148 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (149) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500149 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (150) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500150 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (151) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500151 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (152) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500152 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (153) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500153 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (154) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500154 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (155) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500155 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (156) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500156 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (157) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500157 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (158) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500158 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (159) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500159 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (160) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500160 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (161) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500161 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (162) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500162 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (163) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500163 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (164) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500164 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (165) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500165 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (166) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500166 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (167) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500167 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (168) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500168 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic (169) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510096 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (97) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510097 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (98) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510098 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (99) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510099 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (100) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510100 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (101) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510101 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (102) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510102 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (103) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510103 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (104) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510104 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (105) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510105 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (106) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510106 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (107) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510107 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (108) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510108 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (109) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510109 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (110) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510110 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (111) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510111 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (112) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510112 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (113) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510113 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (114) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510114 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (115) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510115 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (116) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510116 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (117) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510117 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (118) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510118 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (119) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510119 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (120) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510120 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (121) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510121 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (122) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510122 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (123) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510123 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (124) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510124 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (125) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510125 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (126) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510126 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (127) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510127 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (128) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510128 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (129) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510129 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (130) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510130 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (131) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510131 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (132) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510132 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (133) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510133 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (134) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510134 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (135) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510135 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (136) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510136 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (137) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510137 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (138) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510138 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (139) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510139 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (140) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510140 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (141) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510141 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (142) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510142 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (143) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510143 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (144) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510144 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (145) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510145 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (146) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510146 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (147) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510147 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (148) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510148 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (149) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510149 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (150) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510150 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (151) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510151 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (152) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510152 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (153) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510153 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (154) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510154 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (155) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510155 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (156) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510156 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (157) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510157 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (158) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510158 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (159) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510159 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (160) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510160 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (161) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510161 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (162) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510162 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (163) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510163 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (164) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510164 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (165) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510165 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (166) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510166 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (167) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510167 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (168) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510168 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host 
Traffic - BLOCKING (169) || 
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding-virus.rules (1):
        #by matt Jonkman, from sandnet analysis

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-rbn-BLOCK.rules (2):
        #  VERSION 6
        #  Updated 2007-11-11 12:45:40

     -> Removed from bleeding-rbn.rules (2):
        #  VERSION 6
        #  Updated 2007-11-11 12:45:40

     -> Removed from bleeding-sid-msg.map (9):
        2406003 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (1) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406004 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (2) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2406005 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains (3) || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407000 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Hosting Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407001 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Individual Hosts || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407002 || BLEEDING-EDGE RBN Known Russian Business Network Traffic - 
Chinese Nets || url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407003 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (1) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407004 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (2) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork
        2407005 || BLEEDING-EDGE RBN Known Russian Business Network Monitored 
Domains - BLOCKING (3) || 
url,doc.bleedingthreats.net/bin/view/Main/RussianBusinessNetwork


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Date:  [Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Previous by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Next by Thread:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Indexes:  [Date] [Thread] [Top] [All Lists]