Network Security: Detailed info on [Snort-sigs] Emerging Threats Weekly Signature Changes

Subject:	[Snort-sigs] Emerging Threats Weekly Signature Changes
Date:	Sat, 23 Feb 2008 19:00:09 -0500 (EST)

[***] Results from Oinkmaster started Sat Feb 23 19:00:09 2008 [***]

[+++]          Added rules:          [+++]

  207873 - ET WEB WinIPDS Directory Traversal Vulnerabilities POST 
(bleeding-web.rules)
 2007855 - ET MALWARE OneStepSearch Host Activity (bleeding-malware.rules)
 2007856 - ET MALWARE System-defender.com Fake AV Install Checkin 
(bleeding-malware.rules)
 2007858 - ET TROJAN Delf Keylog FTP Upload (bleeding-virus.rules)
 2007859 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader 
(microsoft) (bleeding-malware.rules)
 2007860 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader 
(Internet Explorer 6.0) (bleeding-malware.rules)
 2007861 - ET MALWARE Softcashier.com Spyware Install Checkin 
(bleeding-malware.rules)
 2007862 - ET TROJAN LDPinch Checkin (3) (bleeding-virus.rules)
 2007863 - ET TROJAN Banload HTTP Checkin (bleeding-virus.rules)
 2007864 - ET TROJAN Banload HTTP Checkin Detected (bleeding-virus.rules)
 2007865 - ET MALWARE Winreanimator.com Fake AV Install Attempt 
(bleeding-malware.rules)
 2007866 - ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP 
(bleeding-virus.rules)
 2007867 - ET TROJAN Delf HTTP Post Checkin (1) (bleeding-virus.rules)
 2007868 - ET MALWARE Suspicious User Agent - Possible Trojan Downloader 
(Firefox) (bleeding-malware.rules)
 2007869 - ET MALWARE Vombanetwork Spyware User Agent (VombaProductsInstaller) 
(bleeding-malware.rules)
 2007870 - ET MALWARE Vombanetworks.com Spyware Installer Checkin 
(bleeding-malware.rules)
 2007871 - ET WEB Philips VOIP841 Web Server Directory Traversal 
(bleeding-web.rules)
 2007872 - ET WEB WinIPDS Directory Traversal Vulnerabilities GET 
(bleeding-web.rules)
 2007874 - ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability 
(bleeding-exploit.rules)
 2007875 - ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability 
(bleeding-exploit.rules)
 2007876 - ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - udp (bleeding-exploit.rules)
 2007877 - ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - tcp (bleeding-exploit.rules)
 2007878 - ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack 
Overflow (bleeding-web.rules)
 2007879 - ET EXPLOIT Cyan Soft Products Format String Vulnerability 
(bleeding-exploit.rules)


[///]     Modified active rules:     [///]

 2002157 - ET POLICY Skype User-Agent detected (bleeding-policy.rules)
 2003070 - ET WORM Korgo.U Reporting (bleeding-virus.rules)
 2003330 - ET POLICY Possible Spambot -- Host DNS MX Query High Count 
(bleeding-policy.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (bleeding-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(bleeding-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (bleeding-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING 
(bleeding-dshield-BLOCK.rules)
 2404000 - ET DROP Known Bot C&C Server Traffic (group 1)  
(bleeding-botcc.rules)
 2404001 - ET DROP Known Bot C&C Server Traffic (group 2)  
(bleeding-botcc.rules)
 2404002 - ET DROP Known Bot C&C Server Traffic (group 3)  
(bleeding-botcc.rules)
 2404003 - ET DROP Known Bot C&C Server Traffic (group 4)  
(bleeding-botcc.rules)
 2404004 - ET DROP Known Bot C&C Server Traffic (group 5)  
(bleeding-botcc.rules)
 2404005 - ET DROP Known Bot C&C Server Traffic (group 6)  
(bleeding-botcc.rules)
 2404006 - ET DROP Known Bot C&C Server Traffic (group 7)  
(bleeding-botcc.rules)
 2404007 - ET DROP Known Bot C&C Server Traffic (group 8)  
(bleeding-botcc.rules)
 2404008 - ET DROP Known Bot C&C Server Traffic (group 9)  
(bleeding-botcc.rules)
 2404009 - ET DROP Known Bot C&C Server Traffic (group 10)  
(bleeding-botcc.rules)
 2404010 - ET DROP Known Bot C&C Server Traffic (group 11)  
(bleeding-botcc.rules)
 2404011 - ET DROP Known Bot C&C Server Traffic (group 12)  
(bleeding-botcc.rules)
 2404012 - ET DROP Known Bot C&C Server Traffic (group 13)  
(bleeding-botcc.rules)
 2404013 - ET DROP Known Bot C&C Server Traffic (group 14)  
(bleeding-botcc.rules)
 2404014 - ET DROP Known Bot C&C Server Traffic (group 15)  
(bleeding-botcc.rules)
 2404015 - ET DROP Known Bot C&C Server Traffic (group 16)  
(bleeding-botcc.rules)
 2404016 - ET DROP Known Bot C&C Server Traffic (group 17)  
(bleeding-botcc.rules)
 2404017 - ET DROP Known Bot C&C Server Traffic (group 18)  
(bleeding-botcc.rules)
 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE 
(bleeding-botcc-BLOCK.rules)
 2406005 - ET RBN Known Russian Business Network Monitored Domains (1) 
(bleeding-rbn.rules)
 2406006 - ET RBN Known Russian Business Network Monitored Domains (2) 
(bleeding-rbn.rules)
 2406007 - ET RBN Known Russian Business Network Monitored Domains (3) 
(bleeding-rbn.rules)
 2406008 - ET RBN Known Russian Business Network Monitored Domains (4) 
(bleeding-rbn.rules)
 2406009 - ET RBN Known Russian Business Network Monitored Domains (5) 
(bleeding-rbn.rules)
 2406010 - ET RBN Known Russian Business Network Monitored Domains (6) 
(bleeding-rbn.rules)
 2406011 - ET RBN Known Russian Business Network Monitored Domains (7) 
(bleeding-rbn.rules)
 2406012 - ET RBN Known Russian Business Network Monitored Domains (8) 
(bleeding-rbn.rules)
 2406013 - ET RBN Known Russian Business Network Monitored Domains (9) 
(bleeding-rbn.rules)
 2406014 - ET RBN Known Russian Business Network Monitored Domains (10) 
(bleeding-rbn.rules)
 2406015 - ET RBN Known Russian Business Network Monitored Domains (11) 
(bleeding-rbn.rules)
 2406016 - ET RBN Known Russian Business Network Monitored Domains (12) 
(bleeding-rbn.rules)
 2406017 - ET RBN Known Russian Business Network Monitored Domains (13) 
(bleeding-rbn.rules)
 2406018 - ET RBN Known Russian Business Network Monitored Domains (14) 
(bleeding-rbn.rules)
 2406019 - ET RBN Known Russian Business Network Monitored Domains (15) 
(bleeding-rbn.rules)
 2406020 - ET RBN Known Russian Business Network Monitored Domains (16) 
(bleeding-rbn.rules)
 2406021 - ET RBN Known Russian Business Network Monitored Domains (17) 
(bleeding-rbn.rules)
 2406022 - ET RBN Known Russian Business Network Monitored Domains (18) 
(bleeding-rbn.rules)
 2406023 - ET RBN Known Russian Business Network Monitored Domains (19) 
(bleeding-rbn.rules)
 2406024 - ET RBN Known Russian Business Network Monitored Domains (20) 
(bleeding-rbn.rules)
 2406025 - ET RBN Known Russian Business Network Monitored Domains (21) 
(bleeding-rbn.rules)
 2406026 - ET RBN Known Russian Business Network Monitored Domains (22) 
(bleeding-rbn.rules)
 2406027 - ET RBN Known Russian Business Network Monitored Domains (23) 
(bleeding-rbn.rules)
 2406028 - ET RBN Known Russian Business Network Monitored Domains (24) 
(bleeding-rbn.rules)
 2406029 - ET RBN Known Russian Business Network Monitored Domains (25) 
(bleeding-rbn.rules)
 2406030 - ET RBN Known Russian Business Network Monitored Domains (26) 
(bleeding-rbn.rules)
 2406031 - ET RBN Known Russian Business Network Monitored Domains (27) 
(bleeding-rbn.rules)
 2406032 - ET RBN Known Russian Business Network Monitored Domains (28) 
(bleeding-rbn.rules)
 2406033 - ET RBN Known Russian Business Network Monitored Domains (29) 
(bleeding-rbn.rules)
 2406034 - ET RBN Known Russian Business Network Monitored Domains (30) 
(bleeding-rbn.rules)
 2407005 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(1) (bleeding-rbn-BLOCK.rules)
 2407006 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(2) (bleeding-rbn-BLOCK.rules)
 2407007 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(3) (bleeding-rbn-BLOCK.rules)
 2407008 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(4) (bleeding-rbn-BLOCK.rules)
 2407009 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(5) (bleeding-rbn-BLOCK.rules)
 2407010 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(6) (bleeding-rbn-BLOCK.rules)
 2407011 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(7) (bleeding-rbn-BLOCK.rules)
 2407012 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(8) (bleeding-rbn-BLOCK.rules)
 2407013 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(9) (bleeding-rbn-BLOCK.rules)
 2407014 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(10) (bleeding-rbn-BLOCK.rules)
 2407015 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(11) (bleeding-rbn-BLOCK.rules)
 2407016 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(12) (bleeding-rbn-BLOCK.rules)
 2407017 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(13) (bleeding-rbn-BLOCK.rules)
 2407018 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(14) (bleeding-rbn-BLOCK.rules)
 2407019 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(15) (bleeding-rbn-BLOCK.rules)
 2407020 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(16) (bleeding-rbn-BLOCK.rules)
 2407021 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(17) (bleeding-rbn-BLOCK.rules)
 2407022 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(18) (bleeding-rbn-BLOCK.rules)
 2407023 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(19) (bleeding-rbn-BLOCK.rules)
 2407024 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(20) (bleeding-rbn-BLOCK.rules)
 2407025 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(21) (bleeding-rbn-BLOCK.rules)
 2407026 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(22) (bleeding-rbn-BLOCK.rules)
 2407027 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(23) (bleeding-rbn-BLOCK.rules)
 2407028 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(24) (bleeding-rbn-BLOCK.rules)
 2407029 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(25) (bleeding-rbn-BLOCK.rules)
 2407030 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(26) (bleeding-rbn-BLOCK.rules)
 2407031 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(27) (bleeding-rbn-BLOCK.rules)
 2407032 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(28) (bleeding-rbn-BLOCK.rules)
 2407033 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(29) (bleeding-rbn-BLOCK.rules)
 2407034 - ET RBN Known Russian Business Network Monitored Domains - BLOCKING 
(30) (bleeding-rbn-BLOCK.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-drop-BLOCK.rules (2):
        #  VERSION 1066
        #  Generated 2008-02-22 01:03:00 EDT

     -> Added to bleeding-drop.rules (2):
        #  VERSION 1066
        #  Generated 2008-02-22 01:03:00 EDT

     -> Added to bleeding-exploit.rules (3):
        #by Akash Mahajan
        #by Akash Mahajan
        #by Akash Mahajan

     -> Added to bleeding-malware.rules (2):
        #by Will Metcalf
        #fake av, sig by matt jonkman

     -> Added to bleeding-rbn-BLOCK.rules (2):
        #  VERSION 36
        #  Updated 2008-02-21 10:21:51

     -> Added to bleeding-rbn.rules (2):
        #  VERSION 36
        #  Updated 2008-02-21 10:21:51

     -> Added to bleeding-sid-msg.map (24):
        207873 || ET WEB WinIPDS Directory Traversal Vulnerabilities POST || 
bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007855 || ET MALWARE OneStepSearch Host Activity
        2007856 || ET MALWARE System-defender.com Fake AV Install Checkin || 
url,www.system-defender.com
        2007858 || ET TROJAN Delf Keylog FTP Upload
        2007859 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (microsoft)
        2007860 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (Internet Explorer 6.0)
        2007861 || ET MALWARE Softcashier.com Spyware Install Checkin
        2007862 || ET TROJAN LDPinch Checkin (3)
        2007863 || ET TROJAN Banload HTTP Checkin
        2007864 || ET TROJAN Banload HTTP Checkin Detected
        2007865 || ET MALWARE Winreanimator.com Fake AV Install Attempt || 
url,www.winreanimator.com
        2007866 || ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP
        2007867 || ET TROJAN Delf HTTP Post Checkin (1)
        2007868 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (Firefox)
        2007869 || ET MALWARE Vombanetwork Spyware User Agent 
(VombaProductsInstaller)
        2007870 || ET MALWARE Vombanetworks.com Spyware Installer Checkin
        2007871 || ET WEB Philips VOIP841 Web Server Directory Traversal || 
bugtraq,27790 || url,www.milw0rm.com/exploits/5113
        2007872 || ET WEB WinIPDS Directory Traversal Vulnerabilities GET || 
bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007874 || ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability || 
url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007875 || ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability || 
url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007876 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - udp || cve,CVE-2008-0767 || 
url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007877 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - tcp || cve,CVE-2008-0759 || 
url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007878 || ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote 
Stack Overflow || url,www.milw0rm.com/exploits/5110 || cve,CVE-2008-0778 || 
bugtraq,27769
        2007879 || ET EXPLOIT Cyan Soft Products Format String Vulnerability || 
url,aluigi.altervista.org/adv/cyanuro-adv.txt || bugtraq,27728 || 
cve,CVE-2008-0755

     -> Added to bleeding-sid-msg.map.txt (24):
        207873 || ET WEB WinIPDS Directory Traversal Vulnerabilities POST || 
bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007855 || ET MALWARE OneStepSearch Host Activity
        2007856 || ET MALWARE System-defender.com Fake AV Install Checkin || 
url,www.system-defender.com
        2007858 || ET TROJAN Delf Keylog FTP Upload
        2007859 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (microsoft)
        2007860 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (Internet Explorer 6.0)
        2007861 || ET MALWARE Softcashier.com Spyware Install Checkin
        2007862 || ET TROJAN LDPinch Checkin (3)
        2007863 || ET TROJAN Banload HTTP Checkin
        2007864 || ET TROJAN Banload HTTP Checkin Detected
        2007865 || ET MALWARE Winreanimator.com Fake AV Install Attempt || 
url,www.winreanimator.com
        2007866 || ET TROJAN Gadu-Gadu.pl Related Trojan Reporting via HTTP
        2007867 || ET TROJAN Delf HTTP Post Checkin (1)
        2007868 || ET MALWARE Suspicious User Agent - Possible Trojan 
Downloader (Firefox)
        2007869 || ET MALWARE Vombanetwork Spyware User Agent 
(VombaProductsInstaller)
        2007870 || ET MALWARE Vombanetworks.com Spyware Installer Checkin
        2007871 || ET WEB Philips VOIP841 Web Server Directory Traversal || 
bugtraq,27790 || url,www.milw0rm.com/exploits/5113
        2007872 || ET WEB WinIPDS Directory Traversal Vulnerabilities GET || 
bugtraq,27757 || url,aluigi.altervista.org/adv/winipds-adv.txt
        2007874 || ET EXPLOIT Now SMS/MMS Gateway HTTP BOF Vulnerability || 
url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007875 || ET EXPLOIT Now SMS/MMS Gateway SMPP BOF Vulnerability || 
url,aluigi.altervista.org/adv/nowsmsz-adv.txt || bugtraq,27896
        2007876 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - udp || cve,CVE-2008-0767 || 
url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007877 || ET EXPLOIT ExtremeZ-IP File and Print Server Multiple 
Vulnerabilities - tcp || cve,CVE-2008-0759 || 
url,aluigi.altervista.org/adv/ezipirla-adv.txt || bugtraq,27718
        2007878 || ET WEB Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote 
Stack Overflow || url,www.milw0rm.com/exploits/5110 || cve,CVE-2008-0778 || 
bugtraq,27769
        2007879 || ET EXPLOIT Cyan Soft Products Format String Vulnerability || 
url,aluigi.altervista.org/adv/cyanuro-adv.txt || bugtraq,27728 || 
cve,CVE-2008-0755

     -> Added to bleeding-virus.rules (2):
        #delf keylog upload, kinda flimsy but works
        #spyware/trojan/backdoors all reported here. sig by matt jonkman

     -> Added to bleeding-web.rules (3):
        #by Akash Mahajan
        #by Akash Mahajan
        #by Akash Mahajan

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-drop-BLOCK.rules (2):
        #  VERSION 1060
        #  Generated 2008-02-16 01:03:00 EDT

     -> Removed from bleeding-drop.rules (2):
        #  VERSION 1060
        #  Generated 2008-02-16 01:03:00 EDT

     -> Removed from bleeding-rbn-BLOCK.rules (2):
        #  VERSION 35
        #  Updated 2008-02-08 16:03:09

     -> Removed from bleeding-rbn.rules (2):
        #  VERSION 35
        #  Updated 2008-02-08 16:03:09


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-sigs] Emerging Threats Weekly Signature Changes, emerging [Snort-sigs] Emerging Threats Weekly Signature Changes, emerging <= Re: [Snort-sigs] [Emerging-Sigs] Emerging Threats Weekly Signature Changes, Jackie Lai Re: [Snort-sigs] [Emerging-Sigs] Emerging Threats Weekly Signature Changes, Matt Jonkman
Previous by Date:	[Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Next by Date:	[Snort-sigs] Emerging Threats Daily Signature Changes, emerging
Previous by Thread:	[Snort-sigs] Emerging Threats Weekly Signature Changes, emerging
Next by Thread:	Re: [Snort-sigs] [Emerging-Sigs] Emerging Threats Weekly Signature Changes, Jackie Lai
Indexes:	[Date] [Thread] [Top] [All Lists]