[Snort-sigs] Bleedingsnort.com Daily Update

matt at ...2436... matt at ...2436...
Sat Aug 28 18:01:15 EDT 2004


[***] Results from Oinkmaster started Sat Aug 28 20:00:02 2004 [***]

[+++]          Added rules:          [+++]

     -> Added to bleeding.rules (2):
        alert tcp any any -> any 65506 (msg:"BLEEDING-EDGE Unknown activity port 65506"; reference:url,isc.sans.org/diary.php?date=2004-08-21; content: "|00 00 43|"; window: 16616; fragbits: D+; sid:1001232; rev:1;)
        alert tcp any any -> any 559 (msg:"BLEEDING-EDGE ISC Unknown activity port 559"; reference:url,isc.sans.org/diary.php?date=2004-08-21; content: "|04 01 00 50 D9 6A E8 11|"; sid:1001231; rev:1;)

[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (2):
        1001231 || BLEEDING-EDGE ISC Unknown activity port 559 || url,isc.sans.org/diary.php?date=2004-08-21
        1001232 || BLEEDING-EDGE Unknown activity port 65506 || url,isc.sans.org/diary.php?date=2004-08-21

[*] Added files: [*]
    None.





More information about the Snort-sigs mailing list