[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Fri Dec 16 17:01:02 EST 2005


[***] Results from Oinkmaster started Fri Dec 16 20:00:08 2005 [***]

[+++]          Added rules:          [+++]

 2002726 - BLEEDING_EDGE VIRUS Bagle.gen SMTP Inbound (aka - .BK,.ET,.FT,.JH,Lodear.E,.gen,Mitglieder.GU) (bleeding-virus.rules)
 2002727 - BLEEDING_EDGE VIRUS Bagle.gen SMTP Outbound (aka - .BK,.ET,.FT,.JH,Lodear.E,.gen,Mitglieder.GU) (bleeding-virus.rules)
 2002728 - BLEEDING-EDGE TROJAN Ransky or variant backdoor communication ping (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (3):
        2002726 || BLEEDING_EDGE VIRUS Bagle.gen SMTP Inbound (aka - .BK,.ET,.FT,.JH,Lodear.E,.gen,Mitglieder.GU) || url,isc.sans.org/diary.php?storyid=937
        2002727 || BLEEDING_EDGE VIRUS Bagle.gen SMTP Outbound (aka - .BK,.ET,.FT,.JH,Lodear.E,.gen,Mitglieder.GU) || url,isc.sans.org/diary.php?storyid=937
        2002728 || BLEEDING-EDGE TROJAN Ransky or variant backdoor communication ping || url,www.sophos.com/virusinfo/analyses/trojranckcx.html

     -> Added to bleeding-virus.rules (3):
        #by Myron Davis
        #Submitted by Mark Scott, 2005-12-15
        #Bagel variant of week 2005-12-15

     -> Added to bleeding.conf (1):
        #       include $RULE_PATH/bleeding.conf

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding.conf (1):
        #       include $RULES_PATH/bleeding.conf





More information about the Snort-sigs mailing list