[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Tue Jul 26 18:01:07 EDT 2005


[***] Results from Oinkmaster started Tue Jul 26 20:00:05 2005 [***]

[+++]          Added rules:          [+++]

 2002155 - BLEEDING-EDGE GAMES Steam connection (bleeding-game.rules)
 2002156 - BLEEDING-EDGE VIRUS Fireby proxy trojan port report (TCP) (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2001504 - BLEEDING-EDGE Malware Medialoads.com Spyware Activity (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-game.rules (1):
        #By Ron Iago

     -> Added to bleeding-sid-msg.map (1):
        2002156 || BLEEDING-EDGE VIRUS Fireby proxy trojan port report (TCP) || url,securityresponse.symantec.com/avcenter/venc/data/backdoor.staprew.b.html

     -> Added to bleeding-virus.rules (2):
        # Reg Quinton mentioned that the trojan apparently uses TCP to communicate.
        # (Several references seem to confirm that). So we added this below, just to make sure.





More information about the Snort-sigs mailing list