[Snort-sigs] New submissions
matt at ...2436...
Thu Jul 8 14:54:01 EDT 2004
A couple changes and a new rule are posted:
Jonathan Miner sent us this, he had started seeing the requests in
webproxy logs for:
This ought to get them:
alert tcp $HOME_NET any -> $EXTERNAL_NET 80 (msg:"BLEEDING-EDGE Malware
Binet"; uricontent:"/bi/servlet/BIMaster?"; nocase; classtype:
Jonathan also recommended an update for the rcprograms rule which has
The bittorrent rules have also been updated to reflect flow rather than
Thanks all for your submissions. Please keep them coming!!
More information about the Snort-sigs