[Snort-sigs] Emerging Threats Weekly Signature Changes

Subject: [Snort-sigs] Emerging Threats Weekly Signature Changes
Date: Sat, 26 Jul 2008 18:00:08 -0400 (EDT)

[***] Results from Oinkmaster started Sat Jul 26 18:00:08 2008 [***]

[+++]          Added rules:          [+++]

 2008446 - ET CURRENT_EVENTS Excessive DNS Responses with 1 or more RR's (100+ 
in 10 seconds) - possible Cache Poisoning Attempt (emerging.rules)
 2008447 - ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ in 2 
seconds) - possible NS RR Cache Poisoning Attempt (emerging.rules)
 2008450 - ET TROJAN Buzus.lyz Connect to CnC (emerging-virus.rules)
 2008451 - ET TROJAN Buzus.lyz Report to CnC (emerging-virus.rules)
 2008452 - ET TROJAN Downloader.uxk checkin (emerging-virus.rules)
 2008453 - ET SCAN Tomcat Auth Brute Force attempt (admin) (emerging-scan.rules)
 2008454 - ET SCAN Tomcat Auth Brute Force attempt (tomcat) 
(emerging-scan.rules)
 2008455 - ET SCAN Tomcat Auth Brute Force attempt (manager) 
(emerging-scan.rules)
 2008456 - ET MALWARE PCPrivacyCleaner Rougue Secuirty App GET Checkin 
(emerging-malware.rules)
 2008457 - ET MALWARE Deepdo Toolbar User-Agent (FavUpdate) 
(emerging-malware.rules)
 2008458 - ET TROJAN Downloader UserAgent(AutoDL\/1.0) (emerging-virus.rules)
 2008460 - ET MALWARE Suspicious User-Agent (hacker) (emerging-malware.rules)
 2008461 - ET TROJAN Rouge Security Software Win32.BHO.egw 
(emerging-virus.rules)
 2008462 - ET TROJAN Downloader.Agent.ZHO CnC Commands (emerging-virus.rules)
 2008463 - ET MALWARE Suspicious User-Agent (ieguideupdate) 
(emerging-malware.rules)
 2008464 - ET MALWARE Suspicious User-Agent (adsntD) (emerging-malware.rules)
 2008465 - ET TROJAN Backdoor Possible Backdoor.Cow Varient 
(Backdoor.Win32.Agent.lam) C&C traffic (emerging-virus.rules)
 2008467 - ET WEB Possible SQL Injection Attempt Danmec related (declare) 
(emerging-web.rules)
 2008468 - ET TROJAN LDPinch Checkin Flowbit set (emerging-virus.rules)
 2008469 - ET TROJAN LDPinch Checkin v2 (emerging-virus.rules)
 2008470 - ET CURRENT_EVENTS Excessive NXDOMAIN responses - Possible DNS 
Poisoning Attempt Backscatter (emerging.rules)
 2008471 - ET TROJAN HotLan.C Spambot C&C download command 
(emerging-virus.rules)
 2008472 - ET POLICY Netviewer.com Remote Control Proxy Test 
(emerging-policy.rules)
 2008473 - ET TROJAN HotLan.C Spambot Trojan Activity (emerging-virus.rules)
 2008474 - ET MALWARE Adware.Look2Me Activity (emerging-malware.rules)
 2008475 - ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ in 2 
seconds) - possible A RR Cache Poisoning Attempt (emerging.rules)
 2008476 - ET EXPLOIT Foofus.net Password dumping, dll injection 
(emerging-exploit.rules)


[///]     Modified active rules:     [///]

 2001852 - ET MALWARE 404Search Spyware User Agent (emerging-malware.rules)
 2001853 - ET MALWARE Easy Search Bar Spyware User Agent 
(emerging-malware.rules)
 2001854 - ET MALWARE EZULA Spyware User Agent (emerging-malware.rules)
 2001869 - ET MALWARE Sidesearch Spyware User Agent (emerging-malware.rules)
 2002776 - ET TROJAN SickleBot Reporting User Activity (emerging-virus.rules)
 2008034 - ET TROJAN LDPinch SMTP Password Report (emerging-virus.rules)
 2008077 - ET CURRENT_EVENTS Possible Storm Worm EXE Request (postcard.exe) 
(emerging.rules)
 2008175 - ET WEB Possible SQL Injection (varchar) (emerging-web.rules)
 2008176 - ET WEB Possible SQL Injection (exec) (emerging-web.rules)
 2008371 - ET MALWARE Likely Ad-ware installation phoning home (success and 
NSISDL User-Agent) (emerging-malware.rules)
 2008372 - ET MALWARE Adsincontext.com Related Spyware User-Agent (Connector 
v1.2) (emerging-malware.rules)
 2008374 - ET MALWARE Suspicious User-Agent (InetURL) (emerging-malware.rules)
 2008378 - ET MALWARE Suspicious User-Agent (ErrCode) (emerging-malware.rules)
 2008387 - ET CURRENT_EVENTS Possible ASPROX Hostile JS Being Served by a Local 
Webserver (/ngg.js) (emerging.rules)
 2008388 - ET CURRENT_EVENTS Possible ASPROX Hostile JS Being Served by a Local 
Webserver (/b.js) (emerging.rules)
 2008391 - ET MALWARE Suspicious User-Agent (svchost) (emerging-malware.rules)
 2008400 - ET MALWARE Suspicious User-Agent (ReadFileURL) 
(emerging-malware.rules)
 2008411 - ET TROJAN LDPinch SMTP Password Report with mail client The Bat! 
(emerging-virus.rules)
 2008413 - ET MALWARE Suspicious User-Agent (PcPcUpdater) 
(emerging-malware.rules)
 2008422 - ET MALWARE Suspicious User-Agent (Inet_read) (emerging-malware.rules)
 2008423 - ET MALWARE Suspicious User-Agent (CFS Agent) (emerging-malware.rules)
 2008424 - ET MALWARE Suspicious User-Agent (CFS_DOWNLOAD) 
(emerging-malware.rules)
 2008427 - ET MALWARE Suspicious User-Agent (AdiseExplorer) 
(emerging-malware.rules)
 2008428 - ET MALWARE Suspicious User-Agent (HTTP Downloader) 
(emerging-malware.rules)
 2008429 - ET MALWARE Suspicious User-Agent (HttpDownload) 
(emerging-malware.rules)
 2008440 - ET MALWARE Suspicious User-Agent (Download App) 
(emerging-malware.rules)
 2400000 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400001 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400002 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400003 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2400004 - ET DROP Spamhaus DROP Listed Traffic Inbound (emerging-drop.rules)
 2401000 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(emerging-drop-BLOCK.rules)
 2401001 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(emerging-drop-BLOCK.rules)
 2401002 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(emerging-drop-BLOCK.rules)
 2401003 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(emerging-drop-BLOCK.rules)
 2401004 - ET DROP Spamhaus DROP Listed Traffic Inbound - BLOCKING SOURCE 
(emerging-drop-BLOCK.rules)
 2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
 2403000 - ET DROP Dshield Block Listed Source - BLOCKING 
(emerging-dshield-BLOCK.rules)
 2404000 - ET DROP Known Bot C&C Server Traffic (group 1)  
(emerging-botcc.rules)
 2404001 - ET DROP Known Bot C&C Server Traffic (group 2)  
(emerging-botcc.rules)
 2404002 - ET DROP Known Bot C&C Server Traffic (group 3)  
(emerging-botcc.rules)
 2404003 - ET DROP Known Bot C&C Server Traffic (group 4)  
(emerging-botcc.rules)
 2404004 - ET DROP Known Bot C&C Server Traffic (group 5)  
(emerging-botcc.rules)
 2404005 - ET DROP Known Bot C&C Server Traffic (group 6)  
(emerging-botcc.rules)
 2404006 - ET DROP Known Bot C&C Server Traffic (group 7)  
(emerging-botcc.rules)
 2404007 - ET DROP Known Bot C&C Server Traffic (group 8)  
(emerging-botcc.rules)
 2404008 - ET DROP Known Bot C&C Server Traffic (group 9)  
(emerging-botcc.rules)
 2404009 - ET DROP Known Bot C&C Server Traffic (group 10)  
(emerging-botcc.rules)
 2404010 - ET DROP Known Bot C&C Server Traffic (group 11)  
(emerging-botcc.rules)
 2404011 - ET DROP Known Bot C&C Server Traffic (group 12)  
(emerging-botcc.rules)
 2404012 - ET DROP Known Bot C&C Server Traffic (group 13)  
(emerging-botcc.rules)
 2404013 - ET DROP Known Bot C&C Server Traffic (group 14)  
(emerging-botcc.rules)
 2404014 - ET DROP Known Bot C&C Server Traffic (group 15)  
(emerging-botcc.rules)
 2404015 - ET DROP Known Bot C&C Server Traffic (group 16)  
(emerging-botcc.rules)
 2404016 - ET DROP Known Bot C&C Server Traffic (group 17)  
(emerging-botcc.rules)
 2404017 - ET DROP Known Bot C&C Server Traffic (group 18)  
(emerging-botcc.rules)
 2404018 - ET DROP Known Bot C&C Server Traffic (group 19)  
(emerging-botcc.rules)
 2404019 - ET DROP Known Bot C&C Server Traffic (group 20)  
(emerging-botcc.rules)
 2404020 - ET DROP Known Bot C&C Server Traffic (group 21)  
(emerging-botcc.rules)
 2405000 - ET DROP Known Bot C&C Traffic (group 1) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405001 - ET DROP Known Bot C&C Traffic (group 2) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405002 - ET DROP Known Bot C&C Traffic (group 3) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405003 - ET DROP Known Bot C&C Traffic (group 4) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405004 - ET DROP Known Bot C&C Traffic (group 5) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405005 - ET DROP Known Bot C&C Traffic (group 6) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405006 - ET DROP Known Bot C&C Traffic (group 7) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405007 - ET DROP Known Bot C&C Traffic (group 8) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405008 - ET DROP Known Bot C&C Traffic (group 9) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405009 - ET DROP Known Bot C&C Traffic (group 10) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405010 - ET DROP Known Bot C&C Traffic (group 11) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405011 - ET DROP Known Bot C&C Traffic (group 12) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405012 - ET DROP Known Bot C&C Traffic (group 13) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405013 - ET DROP Known Bot C&C Traffic (group 14) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405014 - ET DROP Known Bot C&C Traffic (group 15) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405015 - ET DROP Known Bot C&C Traffic (group 16) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405016 - ET DROP Known Bot C&C Traffic (group 17) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405017 - ET DROP Known Bot C&C Traffic (group 18) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405018 - ET DROP Known Bot C&C Traffic (group 19) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405019 - ET DROP Known Bot C&C Traffic (group 20) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)
 2405020 - ET DROP Known Bot C&C Traffic (group 21) - BLOCKING SOURCE 
(emerging-botcc-BLOCK.rules)


[---]         Disabled rules:        [---]

 2003394 - ET MALWARE User Agent Containing http\:// - Suspicious - Likely 
Spyware/Trojan (emerging-malware.rules)
 2008417 - ET SCAN Wapiti Web Server Scan (emerging-scan.rules)


[---]         Removed rules:         [---]

 2001502 - ET MALWARE Look2me Spyware Activity (2) (emerging-malware.rules)
 2001859 - ET MALWARE Cool Web Search Spyware User Agent 
(emerging-malware.rules)
 2001860 - ET MALWARE Kontiki Spyware User Agent (emerging-malware.rules)
 2001861 - ET MALWARE Micro-Gaming Spyware User Agent (emerging-malware.rules)
 2001863 - ET MALWARE Fun Web Products Spyware User Agent (2) 
(emerging-malware.rules)
 2008075 - ET TROJAN LDPinch Checkin (6) (emerging-virus.rules)
 2008089 - ET TROJAN LDPinch Checkin (7) (emerging-virus.rules)
 2008288 - ET CURRENT_EVENTS Possible Storm Worm URL Request 
(iran_occupation.exe) (emerging.rules)
 2008446 - ET EXPLOIT Fgdump Session Established test file created created on 
victim (emerging-exploit.rules)
 2008447 - ET EXPLOIT Foofus.net Password dumping, dll injection 
(emerging-exploit.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-drop-BLOCK.rules (2):
        #  VERSION 1240
        #  Generated 2008-07-26 00:03:02 EDT

     -> Added to emerging-drop.rules (2):
        #  VERSION 1240
        #  Generated 2008-07-26 00:03:02 EDT

     -> Added to emerging-malware.rules (5):
        #by Pedro Marinho
        #by jeremy at sudosecure
        # ref: 48ba8bfecf840fc9a5f8ff2e225452a7
        #re 29259e88325fed161806d870c457c12c
        #jeremy at sudosecure

     -> Added to emerging-scan.rules (1):
        #by Jack Pepper

     -> Added to emerging-sid-msg.map (29):
        2008077 || ET CURRENT_EVENTS Possible Storm Worm EXE Request 
(postcard.exe) || 
url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008176 || ET WEB Possible SQL Injection (exec)
        2008446 || ET CURRENT_EVENTS Excessive DNS Responses with 1 or more 
RR's (100+ in 10 seconds) - possible Cache Poisoning Attempt
        2008447 || ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ 
in 2 seconds) - possible NS RR Cache Poisoning Attempt || 
url,infosec20.blogspot.com/2008/07/kaminsky-dns-cache-poisoning-poc.html
        2008450 || ET TROJAN Buzus.lyz Connect to CnC
        2008451 || ET TROJAN Buzus.lyz Report to CnC
        2008452 || ET TROJAN Downloader.uxk checkin
        2008453 || ET SCAN Tomcat Auth Brute Force attempt (admin)
        2008454 || ET SCAN Tomcat Auth Brute Force attempt (tomcat)
        2008455 || ET SCAN Tomcat Auth Brute Force attempt (manager)
        2008456 || ET MALWARE PCPrivacyCleaner Rougue Secuirty App GET Checkin 
|| url,www.spywaresignatures.com/details/pcprivacycleaner.pdf
        2008457 || ET MALWARE Deepdo Toolbar User-Agent (FavUpdate) || 
url,research.sunbelt-software.com/threatdisplay.aspx?name=Deepdo%20Toolbar&threatid=129378
        2008458 || ET TROJAN Downloader UserAgent(AutoDL\/1.0)
        2008460 || ET MALWARE Suspicious User-Agent (hacker)
        2008461 || ET TROJAN Rouge Security Software Win32.BHO.egw || 
url,research.sunbelt-software.com/threatdisplay.aspx?name=Trojan.Win32.BHO.egw&threatid=313636
        2008462 || ET TROJAN Downloader.Agent.ZHO CnC Commands
        2008463 || ET MALWARE Suspicious User-Agent (ieguideupdate)
        2008464 || ET MALWARE Suspicious User-Agent (adsntD)
        2008465 || ET TROJAN Backdoor Possible Backdoor.Cow Varient 
(Backdoor.Win32.Agent.lam) C&C traffic
        2008467 || ET WEB Possible SQL Injection Attempt Danmec related 
(declare)
        2008468 || ET TROJAN LDPinch Checkin Flowbit set
        2008469 || ET TROJAN LDPinch Checkin v2
        2008470 || ET CURRENT_EVENTS Excessive NXDOMAIN responses - Possible 
DNS Poisoning Attempt Backscatter
        2008471 || ET TROJAN HotLan.C Spambot C&C download command
        2008472 || ET POLICY Netviewer.com Remote Control Proxy Test
        2008473 || ET TROJAN HotLan.C Spambot Trojan Activity
        2008474 || ET MALWARE Adware.Look2Me Activity
        2008475 || ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ 
in 2 seconds) - possible A RR Cache Poisoning Attempt || 
url,infosec20.blogspot.com/2008/07/kaminsky-dns-cache-poisoning-poc.html
        2008476 || ET EXPLOIT Foofus.net Password dumping, dll injection || 
url,xinn.org/Snort-fgdump.html

     -> Added to emerging-sid-msg.map.txt (29):
        2008077 || ET CURRENT_EVENTS Possible Storm Worm EXE Request 
(postcard.exe) || 
url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008176 || ET WEB Possible SQL Injection (exec)
        2008446 || ET CURRENT_EVENTS Excessive DNS Responses with 1 or more 
RR's (100+ in 10 seconds) - possible Cache Poisoning Attempt
        2008447 || ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ 
in 2 seconds) - possible NS RR Cache Poisoning Attempt || 
url,infosec20.blogspot.com/2008/07/kaminsky-dns-cache-poisoning-poc.html
        2008450 || ET TROJAN Buzus.lyz Connect to CnC
        2008451 || ET TROJAN Buzus.lyz Report to CnC
        2008452 || ET TROJAN Downloader.uxk checkin
        2008453 || ET SCAN Tomcat Auth Brute Force attempt (admin)
        2008454 || ET SCAN Tomcat Auth Brute Force attempt (tomcat)
        2008455 || ET SCAN Tomcat Auth Brute Force attempt (manager)
        2008456 || ET MALWARE PCPrivacyCleaner Rougue Secuirty App GET Checkin 
|| url,www.spywaresignatures.com/details/pcprivacycleaner.pdf
        2008457 || ET MALWARE Deepdo Toolbar User-Agent (FavUpdate) || 
url,research.sunbelt-software.com/threatdisplay.aspx?name=Deepdo%20Toolbar&threatid=129378
        2008458 || ET TROJAN Downloader UserAgent(AutoDL\/1.0)
        2008460 || ET MALWARE Suspicious User-Agent (hacker)
        2008461 || ET TROJAN Rouge Security Software Win32.BHO.egw || 
url,research.sunbelt-software.com/threatdisplay.aspx?name=Trojan.Win32.BHO.egw&threatid=313636
        2008462 || ET TROJAN Downloader.Agent.ZHO CnC Commands
        2008463 || ET MALWARE Suspicious User-Agent (ieguideupdate)
        2008464 || ET MALWARE Suspicious User-Agent (adsntD)
        2008465 || ET TROJAN Backdoor Possible Backdoor.Cow Varient 
(Backdoor.Win32.Agent.lam) C&C traffic
        2008467 || ET WEB Possible SQL Injection Attempt Danmec related 
(declare)
        2008468 || ET TROJAN LDPinch Checkin Flowbit set
        2008469 || ET TROJAN LDPinch Checkin v2
        2008470 || ET CURRENT_EVENTS Excessive NXDOMAIN responses - Possible 
DNS Poisoning Attempt Backscatter
        2008471 || ET TROJAN HotLan.C Spambot C&C download command
        2008472 || ET POLICY Netviewer.com Remote Control Proxy Test
        2008473 || ET TROJAN HotLan.C Spambot Trojan Activity
        2008474 || ET MALWARE Adware.Look2Me Activity
        2008475 || ET CURRENT_EVENTS DNS Query Responses with 3 RR's set (50+ 
in 2 seconds) - possible A RR Cache Poisoning Attempt || 
url,infosec20.blogspot.com/2008/07/kaminsky-dns-cache-poisoning-poc.html
        2008476 || ET EXPLOIT Foofus.net Password dumping, dll injection || 
url,xinn.org/Snort-fgdump.html

     -> Added to emerging-virus.rules (8):
        #General BHOs and the like
        #by Jeremy at Sudosecure
        # ref: a2404de3a35a263d775ceb451173f304
        # ref: 30b2cc13a86a15396a25e89c2860351d
        #ref: c698327def4db25af87de2caae512955
        #Jeremy at sudosecure
        # ref: f43842845f8d6213dda8d8739ae8a2b9
        # ref: 04406e913a0070eac26df3627a7a05c1

     -> Added to emerging-web.rules (1):
        #danmec using url's like these

     -> Added to emerging.rules (5):
        #by many very smart people
        # This may be a high load sig. Take time and seriously consider
        # that your dns_servers var is set as narrowly as possible
        #this will catch large numbers of nxdomain replies, a sign that someone 
may be trying to poison you
        #by Greg Martin at Econet

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-drop-BLOCK.rules (2):
        #  VERSION 1232
        #  Generated 2008-07-18 00:03:02 EDT

     -> Removed from emerging-drop.rules (2):
        #  VERSION 1232
        #  Generated 2008-07-18 00:03:02 EDT

     -> Removed from emerging-exploit.rules (1):
        #FGDump

     -> Removed from emerging-sid-msg.map (12):
        2001502 || ET MALWARE Look2me Spyware Activity (2) || 
url,securityresponse.symantec.com/avcenter/venc/data/adware.look2me.html
        2001859 || ET MALWARE Cool Web Search Spyware User Agent
        2001860 || ET MALWARE Kontiki Spyware User Agent
        2001861 || ET MALWARE Micro-Gaming Spyware User Agent
        2001863 || ET MALWARE Fun Web Products Spyware User Agent (2)
        2008075 || ET TROJAN LDPinch Checkin (6)
        2008077 || ET CURRENT_EVENTS Possible Storm Worm EXE Request (form.exe) 
|| url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008089 || ET TROJAN LDPinch Checkin (7)
        2008176 || ET WEB Possible SQL (exec)
        2008288 || ET CURRENT_EVENTS Possible Storm Worm URL Request 
(iran_occupation.exe) || 
url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008446 || ET EXPLOIT Fgdump Session Established test file created 
created on victim || url,xinn.org/Snort-fgdump.html
        2008447 || ET EXPLOIT Foofus.net Password dumping, dll injection || 
url,xinn.org/Snort-fgdump.html

     -> Removed from emerging-sid-msg.map.txt (12):
        2001502 || ET MALWARE Look2me Spyware Activity (2) || 
url,securityresponse.symantec.com/avcenter/venc/data/adware.look2me.html
        2001859 || ET MALWARE Cool Web Search Spyware User Agent
        2001860 || ET MALWARE Kontiki Spyware User Agent
        2001861 || ET MALWARE Micro-Gaming Spyware User Agent
        2001863 || ET MALWARE Fun Web Products Spyware User Agent (2)
        2008075 || ET TROJAN LDPinch Checkin (6)
        2008077 || ET CURRENT_EVENTS Possible Storm Worm EXE Request (form.exe) 
|| url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008089 || ET TROJAN LDPinch Checkin (7)
        2008176 || ET WEB Possible SQL (exec)
        2008288 || ET CURRENT_EVENTS Possible Storm Worm URL Request 
(iran_occupation.exe) || 
url,www.us-cert.gov/current/index.html#new_storm_worm_varient_spreading || 
url,www.sudosecure.net/archives/146
        2008446 || ET EXPLOIT Fgdump Session Established test file created 
created on victim || url,xinn.org/Snort-fgdump.html
        2008447 || ET EXPLOIT Foofus.net Password dumping, dll injection || 
url,xinn.org/Snort-fgdump.html


_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
