[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Fri Aug 26 18:03:10 EDT 2005


[***] Results from Oinkmaster started Fri Aug 26 20:00:07 2005 [***]

[+++]          Added rules:          [+++]

 2002326 - BLEEDING-EDGE WORM W32.Reatle.I at ...110... Downloading Spybot.Worm (bleeding-virus.rules)
 2002327 - BLEEDING-EDGE POLICY Google Talk (Jabber) Client Login (bleeding-policy.rules)
 2002328 - BLEEDING-EDGE WEB Remote IIS Server Name spoof attempt (localhost) (bleeding-web.rules)
 2002329 - BLEEDING-EDGE WEB Remote IIS Server Name spoof attempt (127.0.0.1) (bleeding-web.rules)
 2002330 - BLEEDING-EDGE POLICY Google Talk TLS Client Traffic (bleeding-policy.rules)
 2002331 - BLEEDING-EDGE WEB Piranha default passwd attempt (bleeding-web.rules)
 2002332 - BLEEDING-EDGE POLICY Google IM traffic Windows client user sign-on (bleeding-policy.rules)
 2002333 - BLEEDING-EDGE POLICY Google IM traffic friend invited (bleeding-policy.rules)
 2002334 - BLEEDING-EDGE POLICY Google IM traffic Jabber client sign-on (bleeding-policy.rules)
 2002335 - BLEEDING-EDGE POLICY Google IM traffic Windows client user sign-off (bleeding-policy.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-policy.rules (1):
        #by Brad Doctor

     -> Added to bleeding-sid-msg.map (10):
        2002326 || BLEEDING-EDGE WORM W32.Reatle.I at ...110... Downloading Spybot.Worm || url,securityresponse.symantec.com/avcenter/venc/data/w32.reatle.i at ...1512...
        2002327 || BLEEDING-EDGE POLICY Google Talk (Jabber) Client Login || url,www.xmpp.org || url,talk.google.com
        2002328 || BLEEDING-EDGE WEB Remote IIS Server Name spoof attempt (localhost)
        2002329 || BLEEDING-EDGE WEB Remote IIS Server Name spoof attempt (127.0.0.1)
        2002330 || BLEEDING-EDGE POLICY Google Talk TLS Client Traffic || url,www.xmpp.org || url,talk.google.com
        2002331 || BLEEDING-EDGE WEB Piranha default passwd attempt || nessus,10381 || cve,2000-0248 || bugtraq,1148
        2002332 || BLEEDING-EDGE POLICY Google IM traffic Windows client user sign-on || url,www.google.com/talk
        2002333 || BLEEDING-EDGE POLICY Google IM traffic friend invited || url,www.google.com/talk
        2002334 || BLEEDING-EDGE POLICY Google IM traffic Jabber client sign-on || url,www.google.com/talk
        2002335 || BLEEDING-EDGE POLICY Google IM traffic Windows client user sign-off || url,www.google.com/talk

     -> Added to bleeding-virus.rules (1):
        #by dajackman

     -> Added to bleeding-web.rules (2):
        #by Rmkml
        #by Rmkml





More information about the Snort-sigs mailing list