Network Security: Detailed info on [Snort-sigs] Emerging Threats Daily Signature Changes

Subject:	[Snort-sigs] Emerging Threats Daily Signature Changes
Date:	Tue, 12 Feb 2008 17:00:08 -0500 (EST)


[***] Results from Oinkmaster started Tue Feb 12 17:00:08 2008 [***]

[+++]          Added rules:          [+++]

 2007839 - ET MALWARE Drpcclean.com Related Spyware User Agent (DrPCClean 
Transmit) (bleeding-malware.rules)
 2007840 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (Shell) 
(bleeding-virus.rules)
 2007841 - ET TROJAN W32.Downloader Tibs.ek Reporting to C&C 
(bleeding-virus.rules)
 2007842 - ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin 
(bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2003238 - ET TROJAN W32.Downloader Tibs.jy Reporting to C&C 
(bleeding-virus.rules)
 2003239 - ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2) 
(bleeding-virus.rules)


[---]         Removed rules:         [---]

 2007830 - ET MALWARE Maxthom/Myie2.com Related Spyware User Agent (MyIE2) 
(bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (2):
        #another fake antispyware package, by matt jonkman
        #drpcclean.com by matt jonkman

     -> Added to bleeding-sid-msg.map (6):
        2003238 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C
        2003239 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2)
        2007839 || ET MALWARE Drpcclean.com Related Spyware User Agent 
(DrPCClean Transmit)
        2007840 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader 
(Shell)
        2007841 || ET TROJAN W32.Downloader Tibs.ek Reporting to C&C
        2007842 || ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin

     -> Added to bleeding-sid-msg.map.txt (6):
        2003238 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C
        2003239 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2)
        2007839 || ET MALWARE Drpcclean.com Related Spyware User Agent 
(DrPCClean Transmit)
        2007840 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader 
(Shell)
        2007841 || ET TROJAN W32.Downloader Tibs.ek Reporting to C&C
        2007842 || ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin

     -> Added to bleeding-virus.rules (1):
        #Matt Jonkman, Kaspersky  Trojan-Proxy.Win32.Agent.blm

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-malware.rules (1):
        #maxthon related, by matt jonkman

     -> Removed from bleeding-sid-msg.map (3):
        2003238 || ET TROJAN W32.Downloader-388 
(Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C
        2003239 || ET TROJAN W32.Downloader-388 
(Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (2)
        2007830 || ET MALWARE Maxthom/Myie2.com Related Spyware User Agent 
(MyIE2)

     -> Removed from bleeding-sid-msg.map.txt (3):
        2003238 || ET TROJAN W32.Downloader-388 
(Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C
        2003239 || ET TROJAN W32.Downloader-388 
(Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (2)
        2007830 || ET MALWARE Maxthom/Myie2.com Related Spyware User Agent 
(MyIE2)

     -> Removed from bleeding-virus.rules (1):
        #first found by ClamAV


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging <= [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging [Snort-sigs] Emerging Threats Daily Signature Changes, emerging

Previous by Date:	[Snort-sigs] Crusoe Researches offer new rule for detecting Firefox view-source and resource vulnerability, rmkml
Next by Date:	[Snort-sigs] Sourcefire VRT Certified Snort Rules Update, research
Previous by Thread:	[Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Next by Thread:	[Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Indexes:	[Date] [Thread] [Top] [All Lists]